What is the underlying cause of almost every data breach?Select one:Poorly crafted passwordHuman errorUnpatched deviceZero-day attack

A data breach is an example of positive riskSelect one:TrueFalse

Which of the following data breach scenarios is caused by an accidental insider?Group of answer choicesA competitor gains access to confidential product development plansA hacker steals customer data by exploiting a software vulnerabilityAn employee intentionally shares sensitive company information on social mediaA hospital employee accidentally sends patient records to the wrong email address

1.Question 1Which three (3) of these were among the top 5 security drivers in 2019? (Select 3)1 pointA significant skills gap exists with more new cybersecurity professional needed the total number currently working in this fieldIOT device attacks moving from targeting consumer electronics to targeting enterprise devicesNew security and privacy laws that went into effect in 2019Factors such as cloud migration and IT complexity act as cost multipliers making new breaches increasingly expensive2.Question 2What was the average time to identify and contain a breach in 2019?1 point12 hours7 days46 days279 days3.Question 3Which industry had the highest average cost per breach in 2019 at $6.45M1 pointTechnologyFinanceRetailHealthcareGovernmentManufacturing4.Question 4Breaches caused by which source resulted in the highest cost per incident in 2019?1 pointEmployee or contractor negligencePolitically motivated hactivistsCriminal insiderCredentials theft5.Question 5According to the Threat Intelligence Strategy Map, The threat intelligence process can be broken down into 4 steps: Collect, Process, Analyze, and Share. Which step would contain activities such as normalize, correlate, confirm and enrich the data?1 pointCollectProcessAnalyzeShare6.Question 6According to the Threat Intelligence Strategy Map, The threat intelligence process can be broken down into 4 steps: Collect, Process, Analyze, and Share. Which step would contain activities such as investigate, contain, remediate and prioritize?1 pointCollectProcessAnalyzeShare7.Question 7According to the Crowdstrike model, threat hunters, vulnerability management and incident response belong in which intelligence area?1 pointOperationalTacticalControlStrategic8.Question 8Which three (3) sources are recommended reading for any cybersecurity professional? (Select 3)1 pointX-Force ExchangeDer CyberSpiegelInfoSecurity MagazineKrebs on Security9.Question 9Which two (2) of these were among the 4 threat intelligence platforms covered in the Threat Intelligence Platforms video? (Select 2)1 pointAVG UltimateTruSTARIBM X-Force ExchangeBigFix10.Question 10Which threat intelligence framework is divided into 3 levels. Level 1 is getting to know your adversaries. Level 2 involves mapping intelligence yourself and level 3 where you map more information and use that to plan your defense?1 pointDiamond Model of Intrusion AnalysisMitre Att&ck KnowledgebaseLockheed Martin Cyber Kill ChainCyber Threat Framework11.Question 11True or False. An organization's security immune system should be isolated from outside organizations, including vendors and other third-parties to keep it from being compromised. 1 pointTrueFalse12.Question 12Activities performed as a part of security intelligence can be divided into pre-exploit and post-exploit activities. Which two (2) of these are pre-exploit activities? (Select 2)1 pointPrioritize vulnerabilities to optimize remediation processes and close critical exposuresPerform forensic investigationGather full situational awareness through advanced security analyticsDetect deviations from the norm that indicate early warnings of APTs13.Question 13True or False. According to the FireEye Mandiant's Security Effectiveness Report 2020, more that 50% of successful attacks are able to infiltrate without detection.1 pointTrueFalse

Reflect on Security Trends - Verizon DBIRFrom the Verizon DBIR you selected, answer the following:Who is behind the attacks? Explain the general categories rather than specific threat actors.What actions are being used?Who are the breach victims?

A company notices unusual data transmissions from their IoT devices. Upon investigation, it is discovered that the devices were still operating with their default factory settings, including passwords, which allowed an attacker to easily gain control. This situation highlights what kind of vulnerability?