In today’s digital age, cybersecurity is a vital concern for financial institutions. It is imperative to secure electronic data, prevent breaches, and implement robust cybersecurity policies to protect customer privacy and data. In this chapter, we will delve into the significance of cybersecurity in the financial sector, particularly focusing on regulations pertinent to the FINRA Series 6 exam.
## Detailed Explanations
### The Importance of Cybersecurity in Finance
Cybersecurity involves measures and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access. In the financial industry, safeguarding against such threats is particularly critical due to the sensitive nature of the financial data handled.
Key Concepts:
- Data Breach: Unauthorized access and retrieval of sensitive, protected, or confidential data.
- Encryption: A method of converting readable data into an unreadable coded form so that only parties holding the correct key can read it, preventing unauthorized access.
- Two-Factor Authentication (2FA): A security process in which the user must present two different kinds of authentication factors (for example, a password combined with a fingerprint scan) before access is granted.
Each of these plays a critical role in ensuring robust cybersecurity policies.
### Regulatory Compliance
Financial institutions must comply with regulations designed to enhance cybersecurity and protect client data. These regulations ensure that there are consistently high standards for data protection across the industry. Relevant regulations include:
- Gramm-Leach-Bliley Act (GLBA): Requires financial institutions to safeguard sensitive customer data and to disclose their information-sharing practices to customers.
- General Data Protection Regulation (GDPR): A regulation that protects European Union citizens’ personal data and privacy.
- Securities and Exchange Commission (SEC) Regulations: The SEC enforces regulations ensuring that financial firms adhere to best practices in cybersecurity.
### Real-World Examples
Consider a scenario where a financial advisor loses a laptop containing client data. If the laptop's hard drive is encrypted, unauthorized access to the stored data is thwarted even if the device is stolen, provided the device was powered off or locked and the encryption key is protected by a strong passphrase.
### Practical Applications
Implementing cybersecurity measures like data encryption, regular software updates, and employee training on cybersecurity best practices can significantly mitigate the risk of data breaches and cyber threats.
### Examples and Visual Aids
The following flowchart illustrates the decision process for encrypting data before it is transferred and stored:
```mermaid
flowchart TD
A[Start] --> B[Collect Data]
B --> C{Is Data Sensitive?}
C -- Yes --> D[Encrypt Data]
C -- No --> E[Proceed As Normal]
D --> E
E --> F[Data Transfer]
F --> G[Data Stored Securely]
```
## Practice Questions
To solidify understanding, test your knowledge with the quizzes below.
### What is the purpose of encryption in cybersecurity?
- [x] To convert data into a code to prevent unauthorized access
- [ ] To delete all data from a device
- [ ] To slow down processing speed
- [ ] To allow third-party access
> **Explanation:** Encryption is a method of converting data into a code to prevent unauthorized access, ensuring that only authorized parties can read the information.
### Which regulation requires financial institutions to notify customers about their information-sharing practices?
- [x] Gramm-Leach-Bliley Act (GLBA)
- [ ] Health Insurance Portability and Accountability Act (HIPAA)
- [ ] Financial Industry Regulatory Authority (FINRA) guidelines
- [ ] No such regulation exists
> **Explanation:** The Gramm-Leach-Bliley Act (GLBA) requires financial institutions to inform their customers about information-sharing practices and protect sensitive customer data.
### What security practice involves using two different authentication factors for access?
- [x] Two-Factor Authentication (2FA)
- [ ] Single Sign-On (SSO)
- [ ] Multi-Password Protection
- [ ] Encryption
> **Explanation:** Two-Factor Authentication (2FA) requires two different authentication factors to enhance security beyond just a password.
### Which regulation primarily protects the personal data of European Union citizens?
- [x] General Data Protection Regulation (GDPR)
- [ ] Gramm-Leach-Bliley Act (GLBA)
- [ ] Payment Card Industry Data Security Standard (PCI DSS)
- [ ] U.S. Patriot Act
> **Explanation:** The General Data Protection Regulation (GDPR) protects the personal data and privacy of individuals within the European Union.
### In a cybersecurity context, what is a data breach?
- [x] Unauthorized access and retrieval of sensitive data
- [ ] A process to enhance data storage
- [x] Loss of data storage capabilities
- [ ] Authorized sharing of information
> **Explanation:** A data breach occurs when sensitive, protected, or confidential data is accessed or retrieved without authorization.
### Why is it essential to keep software up to date?
- [x] To protect against vulnerabilities and threats
- [ ] To increase hardware sales
- [ ] To make systems slower
- [ ] To reduce electricity consumption
> **Explanation:** Regular software updates protect against vulnerabilities and threats by patching potential security holes.
### Which step should come first in implementing strong cybersecurity practices?
- [x] Conducting a risk assessment
- [ ] Hiring new employees
- [x] Issuing press releases
- [ ] Buying new hardware
> **Explanation:** Conducting a risk assessment helps identify potential threats and weaknesses, which is crucial before implementing cybersecurity measures.
### What is the significance of the SEC’s cybersecurity guidelines?
- [x] They ensure financial firms follow best practices
- [ ] They replace existing data privacy laws
- [ ] They are optional suggestions
- [ ] They apply only to European firms
> **Explanation:** The SEC’s guidelines ensure financial firms adhere to best practices in cybersecurity, safeguarding investor interests.
### True or False: Data Encryption eliminates all cyber threats.
- [ ] True
- [x] False
> **Explanation:** While data encryption is critical for securing data, it does not eliminate all cyber threats. Layered security measures are necessary for comprehensive protection.
### Which of the following illustrates two-factor authentication?
- [x] Fingerprint scan and password
- [ ] Username only
- [ ] Password only
- [ ] Only birthdate
> **Explanation:** Two-factor authentication combines two different factors like a fingerprint scan and password, adding an extra security layer.
## Summary Points
- Cybersecurity is crucial for financial institutions to protect sensitive client data.
- Regulations like GLBA, GDPR, and SEC guidelines mandate strong cybersecurity practices.
- Real-world scenarios and practical applications highlight the importance of robust cybersecurity measures.
## Glossary
- Data Breach: Unauthorized access to confidential data.
- Encryption: Coding data to prevent unauthorized access.
- Two-Factor Authentication (2FA): Security requiring two authentication methods.
## Additional Resources
For a deeper dive into cybersecurity practices, make use of the resources available to you and practice regularly with the questions provided. A firm grasp of these concepts not only aids success on your Series 6 exam but is also crucial for protecting clients' confidential information effectively.