Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

PECB Exam Lead-Cybersecurity-Manager Topic 5 Question 19 Discussion

Actual exam question for PECB's Lead-Cybersecurity-Manager exam
Question #: 19
Topic #: 5
[All Lead-Cybersecurity-Manager Questions]

Scenario 5: Pilotron is a large manufacturer known for its electric vehicles that use renewable energy. One of Its objectives Is 10 make the world a cleaner place by reducing the consumption of fossil fuels. In addition to electric vehicles, Pilotron also offers solar roof and advanced battery technology, all manufactured at its factory in Bastogne. Belgium. As one of the most Innovative manufacturers in Europe, Pilotron invests heavily in research and development to create unique components, such as motors, sensors, and batteries. In addillon, it places a strong emphasis on delivering high-quality products, and requires all employees to undergo an intensive onboarding program that includes hands-on training.

Pilotron did not prioritize the establishment of a cybersecurity program to protect its information. This became evident when a frustrated employee took advantage of the company's lack of cybersecurity measures. The employee was aware that Pilotron's existing security measures could easily be evaded The company became aware of the incident after five weeks, when a sudden surge in network data transfer raised suspicions upon investigation. Pilotron discovered that the employee had multiple requests for access to software development resources that were unrelated to their daily tasks By using a false user name and avoiding the implemented cybersecurity controls, the employee directly modified the code of one of Pilotron's products. This unauthorized code change enabled the employee to transfer highly sensitive data to external parties

Knowing that insider threats pose a significant risk and the existing security controls were ineffective. Pilotron decided to shift its cybersecurity focus toward proactive detection and prevention strategies. It implemented a security software that detects unusual access patterns, large data upload, and credential abuse Additionally, Pilotron recognized the need to help improve the security of Its systems by Isolating devices (PCs. servers) on the opposite sides of a firewall.

The company also implemented an identity management solution to ensure the verification of Individuals requesting access. It decided to implement a mechanism that ensured only authorized individuals can access sensitive systems and dat

a. In addition to the traditional username and password, employees were now required to provide a unique personal identifier, such as a fingerprint, as well as a one-time verification code generated through a mobile app

Moreover, in order to enhance security measures and gain the benefits of cloud computing, Pilotron decided to leverage cloud based services. A kiv factor in Pilotroo's decision was the capability to construct and oversee its personalized Infrastructure Instead of depending on pre-set platforms or software applications, the company could craft its virtualized environments. The significant level of customization is of utmost importance to Pilotron since it enables adjusting its infrastructure to align with the specific requirements of its projects and clients.

Based on the scenario above, answer the following question:

Based on scenario 5, whirl cloud service model did Pilotron decide 10 use?

Show Suggested Answer Hide Answer
Suggested Answer: C

Regularly testing and applying patches is a best practice in cybersecurity, as it helps to address known vulnerabilities and maintain the security of server systems. Patching is a crucial part of maintaining a secure IT environment.

Detailed Explanation:

Patch Management:

Definition: The process of managing updates to software and systems to fix vulnerabilities and improve security.

Importance: Ensures that systems are protected against known vulnerabilities that could be exploited by attackers.

Regular Testing and Patching:

Benefits: Helps to identify and address security weaknesses promptly, reducing the risk of exploitation.

Process: Involves testing patches in a controlled environment before deployment to ensure compatibility and effectiveness.

Cybersecurity Reference:

ISO/IEC 27001: Emphasizes the importance of regular updates and patch management as part of an ISMS.

NIST SP 800-40: Provides guidelines on patch management, recommending regular testing and deployment of patches to maintain system security.

Regular testing and patching are essential to keeping systems secure and preventing potential exploits.


Contribute your Thoughts:

Precious
13 hours ago
I disagree. I believe Pilotron decided to use Platform as a Service (PaaS) because they wanted to craft their virtualized environments and customize their infrastructure.
upvoted 0 times
...
Fannie
1 days ago
I think Pilotron went with Infrastructure as a Service (IaaS). The scenario mentions that Pilotron wanted to customize its own virtualized environments instead of relying on pre-set platforms or applications, which sounds like the flexibility provided by IaaS.
upvoted 0 times
...
Jade
2 days ago
I agree with Cletus. Since Pilotron wanted to construct and oversee its personalized infrastructure, IaaS would be the best fit.
upvoted 0 times
...
Cletus
3 days ago
I think Pilotron decided to use Infrastructure as a Service (IaaS).
upvoted 0 times
...

Save Cancel