Splunk: The Cybersecurity Landscape Quiz Final Exam Answers

Splunk: The Cybersecurity Landscape Quiz Final Exam Answers

The Splunk: The Cybersecurity Landscape Quiz Final Exam Answers provide a reliable and up-to-date resource for learners seeking to master the foundational concepts of modern cybersecurity operations. This collection includes carefully verified questions and accurate answers that cover key topics such as threat landscapes, security monitoring, data analysis, and the role of SIEM tools like Splunk in detecting and responding to cyber threats. Designed to support both beginners and aspiring security professionals, it helps reinforce critical knowledge, improve analytical skills, and ensure successful exam preparation for 2026 and beyond.

1. Which of the frameworks mentioned in this course includes a set of outcomes organized as Functions and Categories  that cover cybersecurity objectives?

  • NIST CSF
  • OWASP TOP 10
  • CIS 18
  • ISO/IEC 27000 series

The NIST CSF organizes cybersecurity outcomes into Functions (Identify, Protect, Detect, Respond, Recover) and further into Categories and Subcategories, making it unique among the options listed.

2. Which of the frameworks mentioned in this course represents a broad consensus about the most critical security risks to web applications?

  • ISO/IEC 27000 series
  • NIST CSF
  • CIS 18
  • OWASP Top Ten

The OWASP Top Ten represents a widely recognized consensus on the most critical security risks to web applications, compiled by security experts and the global community.

3. Employees in the Shipping department of the Splunk T-Shirt company require access to customer addresses to fulfill orders, however they do not require access to customer’s credit card details.  This is an example of what part of the CIA Triad?

  • Availability
  • Authenticity
  • Authorization
  • Authentication

This scenario demonstrates Authorization, which is about controlling what specific data or resources a user is allowed to access. Employees are permitted to view customer addresses (necessary for shipping) but restricted from accessing credit card details, ensuring proper access control.

4. The Splunk T-Shirt company identifies an internal server running an unpatched version of software. This is an example of:

  • A Risk
  • A Vulnerability
  • A Threat

An unpatched server represents a vulnerability, which is a weakness in a system that could be exploited by a threat actor.

5. What does Authorization mean?

  • Being able to verify the identity of a user, process or device
  • No party can deny the validity of the data
  • Refers to the access that should be granted to a user, process or device
  • Ensuring that protected information is only seen by those who are meant to see it

Authorization refers to the access that should be granted to a user, process, or device—determining what resources they are allowed to use after their identity has been verified.

6. What are two components generally used to calculate the Risk of a particular event?

  • The ability to transfer responsibility of the event
  • The probability of the event happening
  • The cost of preventing the event from happening
  • The cost or impact of the event happening

7. Fill in the blank:

There is no Risk if there is no Vulnerability or no Threat.

8. A database including names, addresses and credit card information from customers of an organization has been posted on a publicly accessible website.

Which of the component of the CIA Triad has been broken in this situation?

  • Integrity
  • Confidentiality
  • Availability

9. How would you classify the information in a company’s social media post?

  • As Confidential data
  • As Public data
  • As Private data

10. What is Authentication in the context of the CIA Triad?

  • Being able to verify the identity of a user, process or device
  • Ensuring that protected information is only seen by those who are meant to see it
  • The access that should be granted to a user, process or device
  • No party can deny the validity of the data

11. Which of the following are opposites of Availability in the context of the CIA triad? (Select 2)

  • Destruction of data
  • Modifying data
  • Denial of valid access
  • Blocking unauthorized access

12. A list of email addresses from customers of the Splunk T-Shirt company has been disclosed by accident. What are the most likely impacts of this incident? Choose 2.

  • The company will have to pay attorney’s fees
  • Increased risk of Identity theft for individuals
  • Damage to the company’s reputation
  • Interruption of critical services

13. Which standard or regulation deals with Credit Card Information?

  • HIPAA
  • PCI-DSS
  • EU-GDPR

14. According to what you have learned about risk management, which of the following is a good guideline to follow when determining how to take action on a Risk?

  • All Risks should be treated equally and resolved as soon as possible
  • Only Risks deemed Critical should be actioned
  • The probability of the Risk happening should be the only driver when it comes to taking action on it
  • The action against the Risk shouldn’t cost more than facing the Risk itself

15. There are different actions an organization can take once a Risk has been identified. Match each of the potential actions with the example that best represents it:

Splunk The Cybersecurity Landscape Quiz Final Exam Answers 01
Splunk The Cybersecurity Landscape Quiz Final Exam Answers 01
  • Mitigate → An organization installs AntiMalware software on employee machines
  • Avoid → An organization moves their data center to an area away from frequent natural disasters
  • Accept → An organization documents the risk of offering their services online
  • Transfer → An organization decides to use third-party cloud software instead of developing in-house