User Account

All Pages

What is the primary goal of business process reengineering

Assignment Help Other Subject
Reference no: EM131619512

Question 1
The use of encryption and digital signatures helps ensure that what was transmitted is the same as what was received. Which of the following is assured?
Question options:
Confidentiality
Availability
Integrity
Nonrepudiation

Question 2
The concept of "need to know" is most closely associated with which of the following?
Question options:
Authentication
Availability
Confidentiality
Integrity

Question 3
What is the primary goal of business process reengineering?
Question options:
To develop new security policies
To improve business processes
To implement an enterprise resource system
To determine management bonuses

Question 4
An unauthorized user accessed protected network storage and viewed personnel records. What has been lost?
Question options:
Confidentiality
Nonrepudiation
Integrity
Availability

Question 5
What does COBIT stand for?
Question options:
Control Objectives for Information and Related Technology
Common Objects for Information and Technology
Common Objectives for Information and Technology
Control Objects for Information Technology

Question 6
What does "tone at the top" refer to?
Question options:
Policies, in relation to standards, procedures, and guidelines
Confidentiality in the C-I-A triad
Regulatory bodies, in relation to security policies and controls
Company leaders

Question 7
Which of the following types of security controls stops incidents or breaches immediately?
Question options:
Preventive
Corrective
Detective
None of the above

Question 8
An encryption system is an example of which type of security control?
Question options:
Technical
Corrective
Physical
Administrative

Question 9
Security controls fall into three design types: preventive, detective, and:
Question options:
effective.
corrective.
quantitative.
qualitative.

Question 10
Which of the following is not a generally accepted principle for implementing a security awareness program?
Question options:
Competency should be measured.
Remind employees of risks.
Leaders should provide visible support.
None of the above.

Question 11
Of the following compliance laws, which focuses most heavily on personal privacy?
Question options:
FISMA
GLBA
HIPAA
SOX

Question 12
To which sector does HIPAA apply primarily?
Question options:
Financial
None of the above
Communications
Medical

Question 13
Which law was challenged by the American Library Association and the American Civil Liberties Union claiming it violated free speech rights of adults?
Question options:
CIPA
FERPA
HIPAA
GLBA

Question 14
To which sector does the Sarbanes-Oxley Act apply primarily?
Question options:
Medical
Publically traded companies
Financial
Communications

Question 15
Which compliance law concept states that only the data needed for a transaction should be collected?
Question options:
Public interest
Limited use of personal data
Full disclosure
Opt-in/opt-out

Question 16
You are on the West Coast but want to connect to your company's intranet on the East Coast. You use a program to "tunnel" through the Internet to reach the intranet. Which technology are you using?
Question options:
Role-based access control
Elevated privileges
Virtual private networking
Software as a Service

Question 17
Which of the following is not true of segmented networks?
Question options:
By limiting certain types of traffic to a group of computers, you are eliminating a number of threats.
Switches, routers, internal firewalls, and other devices restrict segmented network traffic.
A flat network has more controls than a segmented network for limiting traffic.
Network segmentation limits what and how computers are able to talk to each other.

Question 18
In which domain is virtual private networking a security control?
Question options:
WAN Domain
Remote Access Domain
Both A and B
Neither A nor B

Question 19
A security policy that addresses data loss protection, or data leakage protection, is an issue primarily in which IT domain?
Question options:
User
Workstation
WAN
System/Application

Question 20
A nurse uses a wireless computer from a patient's room to access real-time patient information from the hospital server. Which domain does this wireless connection fall under?
Question options:
System/Application
User
WAN
LAN

Question 21
Regarding security policies, what is a stakeholder?
Question options:
An individual who has an interest in the success of the security policies
A framework in which security policies are formed
A placeholder in the framework where new policies can be added
Another name for a change request

Question 22
Which personality type tends to be best suited for delivering security awareness training?
Question options:
Pleaser
Performer
Analytical
Commander

Question 23
Which of the following is typically defined as the end user of an application?
Question options:
Data owner
Data manager
Data custodian
Data user

Question 24
Which of the following is not true of auditors?
Question options:
Report to the leaders they are auditing
Are accountable for assessing the design and effectiveness of security policies
Can be internal or external
Offer opinions on how well the policies are being followed and how effective they are

Question 25
In an organization, which of the following roles is responsible for the day-to-day maintenance of data?
Question options:
Data owner
Information security office (ISO)
Compliance officer
Data custodian

Question 26
Which of the following include details of how an IT security program runs, who is responsible for day-to-day work, how training and awareness are conducted, and how compliance is handled?
Question options:
Procedures
Guidelines
Standards
Policies

Question 27
Which of the following are used as benchmarks for audit purposes?
Question options:
Policies
Guidelines
Standards
Procedures

Question 28
What does an IT security policy framework resemble?
Question options:
Narrative document
Cycle diagram
List
Hierarchy or tree

Question 29
Which of the following is not a control area of ISO/IEC 27002, "Information Technology-Security Techniques-Code of Practice for Information Security Management"?
Question options:
Security policy
Risk assessment and treatment
Asset management
Audit and accountability

Question 30
What is included in an IT policy framework?
Question options:
Procedures
Guidelines
Standards
All of the above

Question 31
Which of the following is generally not an objective of a security policy change board?
Question options:
Review requested changes to the policy framework
Coordinate requests for changes
Make and publish approved changes to policies
Assess policies and recommend changes

Question 32
When publishing an internal security policy or standard, which role or department usually gives final approval?
Question options:
Audit and Compliance Manager
Senior Executive
Legal
Human Resources

Question 33
Virus removal and closing a firewall port are examples of which type of security control?
Question options:
Corrective
Recovery
Detective or response
Preventive

Question 34
Fences, security guards, and locked doors are examples of which type of security control?
Question options:
Technical security
None of the above
Administrative
Physical security

Question 35
Which principle for developing policies, standards, baselines, procedures, and guidelines discusses a series of overlapping layers of controls and countermeasures?
Question options:
Multidisciplinary principle
Accountability principle
Proportionality principle
Defense-in-depth principle

Question 36
Who is responsible for data quality within an enterprise?
Question options:
Data steward
Data custodian
CISA
CISO

Question 37
The core requirement of an automated IT security control library is that the information is:
Question options:
alphabetized.
in a numerical sequence.
in PDF format
searchable.

Question 38
Which security policy framework focuses on concepts, practices, and processes for managing and delivering IT services?
Question options:
ITIL
COBIT
COSO
OCTAVE

Question 39
__________ refers to the degree of risk an organization is willing to accept.
Question options:
Probability
Risk aversion
Risk tolerance
Risk appetite

Question 40
A fundamental component of internal control for high-risk transactions is:
Question options:
a defense in depth.
a separation of duties.
data duplication.
following best practices.

Reference no: EM131619512

Questions Cloud

What are the objectives for capitalizing interest : Your client is in the planning phase for a major plant expansion, What are the objectives for capitalizing interest
According to put-call parity : According to put-call parity, what series of transactions would be necessary to take advantage of any mispricing?
Constructs bear put spread on ford between strike prices : An investor constructs a bear put spread on Ford between the strike prices of $12 and $15.
Regarding portfolio manager combined stock-option position : Which of the following statements regarding the portfolio’s manager’s combined stock/option position is correct?
What is the primary goal of business process reengineering : The use of encryption and digital signatures helps ensure that what was transmitted is the same as what was received. Which of the following is assured?
Develop an annotated bibliography on the given factors : develop an annotated bibliography on one of the following factors that has had a significant impact on business and management communication in the past decade.
Discuss about the form of certificates of deposit : Riches and Associates retains its cash reserves primarily in the form of certificates of deposit (Ci:>s), which earn interest at an annual rate of 8%.
How much time elapses between the two sounds : The speed of sound in air is approximately 340 m/s. The speed of sound in steel is approximately 5900 m/s. If your friend strikes one end of a steel pipe
What is amount of the remaining balance of your car loan : What is the amount of the remaining balance of your car loan?

Reviews

Write a Review

Other Subject Questions & Answers

  How is technology changing the nature of customer service

How is technology changing the nature of customer service and service offerings? ?(It is a discussion question, so there is no requirement of how many paragraphs or words you need to write)

  Create an argument to assert that financial planning process

Create an argument to assert that the financial planning process is of high value to a health care organization. Provide support for your argument.

  Discuss the philosophy of community-oriented policing

Detail the benefits that have already been actualized under the philosophy of community-oriented policing

  How would you describe this industry

Industry structure is often measured by computing the Four-Firm Concentration Ratio. Suppose you have an industry with 20 firms and the CR is 20%

  What were the most compelling points from the interaction

What were the most compelling points from the interaction with your fellow students and how did participating in this discussion help in your understanding of the Discussion Board task?

  Discuss the key considerations in the area you chose

Discuss the key considerations in the area you chose (risk analysis, new ventures or stakeholder management) when formulating a strategy for an energycompany.

  The format below is to be followed for each paper you can

below is the requirement and an example the paper needs to be one and half pages so that would be no more the 400-450

  Where it is unnecessary to verify managements information

After reading and discussing how important it is for auditors to gather evidence to back up client claims, you are now introduced to accounting services where it is unnecessary to verify management's information.

  Critically discuss notions of autonomy

Based on and using examples from your required readings, critically discuss notions of autonomy as they relate to women's health care. Include some discussion of the conflicts that arise from ideal and actual conditions defining patient autonomy.

  Explain the link between stress and mental illness

1. Explain the link between stress and mental illness, and then use that explanation to explain class, gender, and race differences in mental illness.

  The country of alginor spends an average of 4000 per

the country of alginor spends an average of 4000 per person each year on health care. what does alginor spend each year

  Description of conflicting viewpoints surrounding the issue

Description of conflicting viewpoints surrounding the issue and Various policy outcomes that are desired by the different participants in the debate.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd