Reference no: EM132676959
A firewall can be an example of a preventive control. True
A ________ is a human-caused or natural event that could impact the system, whereas a ________ is a weakness in the system that can be exploited.
- vulnerability
- risk
A regional bank at which you are performing a security assessment has placed a remote access server outside the firewall to provide a front-end for remote employees. This is an example of a ________________.
- Bastion Host
- Demilitarized Zone
- Proxy Server
- Intrusion Detection System (IDS)
An organization has opened a new office in a somewhat risky neighborhood. The office manager installs a CCTV system to monitor the perimeter and main entrance 24 hours a day. This is an example of a _____________ control.
- Preventive
- Detective
- Administrative
- Corrective
The _______________ domain refers to any endpoint device used by end users. This includes, but is not limited to, any smart device in the end user's physical possession and any device accessed by the end user, such as a smartphone, laptop, workstation, or mobile device.
- Workstation
- User
- WAN
- System/Application
Your organization has recently adopted a policy that requires monthly security training for all users. What type of control does this represent?
- Physical
- Technical
- Compensatory
- Administrative/Procedural
Your organization requires the use of an RSA token as well as a username and password to connect to the network remotely. This is an example of what type of authentication mechanism?
- Biometric
- Two-factor
- Single-factor
- Token
The elements of Information Assurance are Confidentiality, Integrity, Availability, Authentication, and what?
- Nonrepudiation
- Encryption
- Compliance
- Authorization
Integrity ensures that only authorized individuals have access to data.
Availability ensures information is available to authorized users and devices. Initially, the information owner must determine availability requirements. The owner must determine who needs access to the data and when.
___________________ is the act of protecting information and the systems that store and process it.
- Risk Assessment
- Policy Framework
- Information Systems Security
- Change Management
It is important for leaders in information systems security to:
- Demonstrate ethical behavior.
- Require ethical behavior from employees.
- Recognize and work with various personality types.
- Work with others to gain support for and adherence to security policies.
- All of the above.
Refer back to question 13. The most difficult and time-consuming step of policy implementation is also the last step. What step is that?
- Anchor the Changes in Corporate Culture
- Assemble a Powerful Coalition
- Communicate the Vision
- Create Urgency
What defines how an organization performs and conducts business functions and transactions with a desired outcome?
- Policy
- Standards
- Procedures
- Guidelines
- All of the above
The first step in incident response takes its name from a medical term and is the art of rapidly assessing how severe an incident is. Which is the correct term?
- Analysis
- OpSec
- Containment
- Triage
A firewall can be an example of a technical control.