Cybersecurity Final Exam Review (Chapters 12-15)

Which of the following is the definition of continuing professional education (CPE)?

A standard unit of credit that equals 50 minutes of instruction.

________ refers to an educational institution that has successfully undergone evaluation by an external body to determine whether the institution meets applicable standards.

Accredited

Which is Cisco's highest level of certification?

Architect

The regulating agency for the Children's Internet Protection Act is the ________.

FCC

Which regulating agency has oversight for the Children's Internet Protection Act?

FCC

The ________________, enacted as part of the American Recovery and Reinvestment Act of 2009, was designed to promote the widespread adoption and standardization of health information technology.

HITECH Act

The four main credentials of the ________ are Systems Security Certified Practitioner (SSCP®), Certified Information Systems Security Professional (CISSP®), Certified Authorization Professional (CAP®), and Certified Secure Software Lifecycle Professional (CSSLP®).

International Information Systems Security Certification Consortium, Inc. (ISC)2

Which is the highest level of Check Point certification for network security?

CCMA

____________ creates standards that federal agencies use to classify their data and IT systems.

NIST

"There are so many demands on your time, it is often difficult to justify setting aside time to study. Also, you may find that self-study takes more time than you planned." This is a disadvantage to choosing the self-study option that can be labeled ________.

procrastination

The four main areas in NIST SP 800-50 are awareness, training, education, and __________________.

professional development

FISMA requires each federal agency to create an agency-wide information security program that includes training employees, contractors, and any other users of their IT systems. This is referred to as ________.

security awareness training

A master's degree program goes beyond the level of a bachelor's degree program and generally consists of ___________ year(s) of study beyond a bachelor's degree.

two

One type of degree that many institutions offer is the associate's degree. This degree is the most accessible because it generally represents a _________ program.

two-year

The HITECH Act defined a tiered system for assessing the level of each HIPAA privacy violation and, therefore, its penalty. Tier B includes ________.

violations due to reasonable cause, but not "willful neglect"

Tier C violations under the HITECH Act are ________.

violations due to willful neglect that the organization ultimately corrected

Obtaining the coveted CAE/IAE or CAE/R designation means the curriculum and research institutions meet or exceed the standards defined by the _______.

NSA

What name is given to educational institutions that meet specific federal information assurance educational guidelines?

National Centers of Academic Excellence in Information Assurance Education (CAE/IAE)

____________ is a person's right to control the use and disclosure of his or her own personal information.

Privacy

The regulating agency for the Sarbanes-Oxley Act is the ________.

Securities and Exchange Commission

DoD Directive 8570.01 is a voluntary certification requirement and has increased the number of personnel who pursue certifications.

True

Employers do use certifications to help assess prospects, but the best assessment is the prospect's actual performance.

True

The Infotec Security Certified Program (SCP) certification programs apply mainly to network security topics and are most appropriate for professionals involved in securing network components within the IT infrastructure.

True

The purpose of DoD Directive 8570.01 is to reduce the possibility that unqualified personnel can gain access to secure information.

True

Today, one of the most common methods for identifying what skills a security professional possesses is his or her level of certification.

True

The regulating agency for the Family Educational Rights and Privacy Act is the ________.

U.S. Department of Education

In the legal system, ________ is the act of following laws, rules, and regulations that apply to organizations.

compliance

Information regulated under the Gramm-Leach-Bliley Act is ________.

consumer financial information

An educational program that is generally associated with a college or university that provides formal courses that do not lead to degrees is the definition of ________.

continuing education

The purpose of ________ is to provide formal training courses that lead to a certificate or professional certification and not a degree.

continuing education

Information regulated under the Sarbanes-Oxley Act is ________.

corporate financial information

Health plans, health care clearinghouses, and any health care provider that transmits PHI in an electronic form are known as ________ under HIPAA.

covered entities

FERPA allows a special category of personally identifiable information to be disclosed without student consent. A school can do this so long as it has given notice to the student that it will disclose this information. This category of information is called _____________.

directory information

CompTIA's Security+ certification provides ________.

entry-level information security certification of choice for IT professionals

The standard bachelor's degree is a __________ program.

four-year

The ________ is a regulation stating that covered entities may disclose only the amount of protected health information absolutely necessary to carry out a particular function.

minimum necessary rule

With university doctoral programs, completing the degree requirements takes ________.

no standard time frame

What term is used to describe any personally identifiable financial information that a consumer provides to a financial institution?

nonpublic personal information (NPI)

The ____________ concentration from (ISC)2 is the road map for incorporating security into projects, applications, business processes, and all information systems.

CISSP-ISSEP

The ____________ concentration from (ISC)2 is the road map for incorporating security into projects, applications, business processes, and all information systems.

CISSP-ISSEP®

The ____________ concentration from (ISC)2 contains deeper managerial elements such as project management, risk management, setting up and delivering a security awareness program, and managing a business continuity planning program.

CISSP-ISSMP

The ____________ concentration from (ISC)2 contains deeper managerial elements such as project management, risk management, setting up and delivering a security awareness program, and managing a business continuity planning program.

CISSP-ISSMP®

What name is given to a document that verifies that a student has completed courses and earned a sufficient score on an assessment?

Certificate of completion

The best fits for (ISC)2's _____________ are personnel responsible for developing and implementing processes used to assess risk and for establishing security requirements.

Certified Authorization Professional

(ISC)2 offers the ________________ credential, which is one of the few credentials that address developing secure software. It evaluates professionals for the knowledge and skills necessary to develop and deploy secure applications.

Certified Secure Software Lifecycle Professional

Generically, this is data that can be used to individually identify a person, including Social Security number, driver's license number, financial account data, and health data.

Personally identifiable information (PII)

