Master CIPS L6M7 Exam with Reliable Practice Questions

Correct : A

Integrity refers to the trustworthiness and accuracy of data. If data has been altered, its integrity has been compromised. The Information Security Triangle consists of Confidentiality, Integrity, and Availability (CIA). Accuracy is not part of this model. (P.143)

Correct : D

Gooseberry is not a type of cyber attack. The others---birthday attacks, phishing, and man-in-the-middle---are real cybersecurity threats. Other common attacks include malware, denial of service (DoS), drive-by attacks, password attacks, SQL injection, cross-site scripting, and eavesdropping. (P.146)

Correct : C

While it is important to consider employees and suppliers, cybersecurity risks can exist at various points in the supply chain. Alicia needs to assess potential threats at every stage. A risk assessment alone does not protect against threats (Option B is incorrect), and there is no indication that a third party must complete the assessment (Option D). (P.154)

Correct : A

Cybersecurity policies should be evaluated as early as possible in the procurement process. The pre-qualification stage allows buyers to assess suppliers' security practices before inviting them to bid, ensuring that only secure vendors are considered. (P.156)

Correct : B, D

Human errors, such as using weak passwords and opening insecure attachments, are major risks in cybersecurity. Educating users on best security practices can help mitigate these threats. The other options relate to technical or system risks rather than human behavior. (P.173)