Risk It All!

Cybersecurity

Governance Principles

Risk Management

Compliance Regulations

100

What type of software is used to block unauthorized access to a network?

What is a firewall?

100

What is the name of the group responsible for overseeing a company's management and operations?

What is the board of directors?

100

What is the process of identifying, assessing, and prioritizing risks in an organization?

What is risk management?

100

What does HIPAA protect in the U.S.?

What is personal health information (PHI)

200

What is the term for malicious software that damages or disrupts a computer system?

What is malware?

200

What is the process by which a company ensures that its operations align with its goals and values?

What is governance?

200

What do we call the chance that an event will negatively affect an organization?

What is risk?

200

What is the term for a penalty for not following a regulation?

What is a fine?

300

What do you call an attack where hackers flood a system with traffic to make it unusable?

What is a DDoS attack (Distributed Denial of Service)?

300

What is the process of setting clear roles and responsibilities for decision-making in a company called?

What is role definition?

300

What is the name of the plan designed to help a company recover from unexpected events?

What is a contingency plan?

300

What is the purpose of compliance regulations?

What is to ensure organizations follow laws and rules?

400

What type of cyber attack involves an attacker pretending to be a trusted entity to steal sensitive information?

What is phishing?

400

What is the term for the values and culture that guide how a company operates?

What is corporate culture?

400

What do we call Vulnerabilities that come from within the organization, such as system failures?

What are internal risks?

400

What is the term for regular checks to make sure a company is following regulations?

What are compliance audits?

500

What kind of attack happens when an attacker intercepts communication between two parties to steal information?

What is a man-in-the-middle attack?

500

What is the principle of making information available to stakeholders to promote trust and accountability?

What is transparency?

500

What type of risk involves threats from outside the organization, like natural disasters?

What are external risks?

500

What does PCI DSS regulate?

What is the protection of credit card data?