Test #4

What do the letters of the C-I-A triad stand for?

confidentiality, integrity, availability

Information regulated under the Sarbanes-Oxley Act is ________.

corporate financial information

Under the Health Insurance Portability and Accountability Act (HIPAA), an organization that performs a health care activity on behalf of a covered entity is known as a(n) ________.

health care clearinghouse

The Federal Information Security Management Act (FISMA) requires each federal agency to create an agency-wide information security program that includes training employees, contractors, and any other users of their IT systems. This is referred to as ________.

security awareness training

Which is Cisco's highest level of certification?

Architect

The (ISC)2 _____________ certification focuses on developing and implementing processes used to assess risk and for establishing security requirements.

Certified Authorization Professional (CAP)

________ is information that is publicly available about all students at a school.

Directory information

Students who have had their Family Educational Rights and Privacy Act (FERPA) rights violated are allowed to sue a school for that violation.

False

The Children's Internet Protection Act (CIPA) defines a minor as anyone under the age of 13.

False

The hertz is a measure of magnetic flux.

False

The main goal of the Gramm-Leach-Bliley Act (GLBA) is to protect investors from financial fraud.

False

________ is an international security standard that documents a comprehensive set of controls that represent information systems best practices.

ISO 17799

The ________ is the committee of the ITU responsible for ensuring the efficient and effective production of standards covering all fields of telecommunications for all nations.

ITU Telecommunication Sector (ITU-T)

The ________ is the main United Nations agency responsible for managing and promoting information and technology issues.

International Telecommunication Union (ITU)

The purpose of the ________ is to "make the Internet work better." It focuses on the engineering aspects of Internet communication and attempts to avoid policy and business questions. It is an open organization, and it has no membership requirements.

Internet Engineering Task Force (IETF)

Generically, this is data that can be used to individually identify a person, including Social Security number, driver's license number, financial account data, and health data.

Personally identifiable information (PII)

____________ is a person's right to control the use and disclosure of his or her own personal information.

Privacy

A certification is an official statement that validates the fact that a person has satisfied specific requirements.

True

International Electrotechnical Commission (IEC) standards address emerging power needs and how they affect other functional areas.

True

The Gramm-Leach-Bliley Act (GLBA) applies to the financial activities of both consumers and privately held companies.

True

The IEEE 802 LAN/MAN standards family relates to information security.

True

The ITU Telecommunication Sector (ITU-T) developed and published the X.25, X.75, and X.509 communication recommendations.

True

The SANS Institute provides training that prepares students for Global Information Assurance Certification (GIAC) certifications.

True

Under the Children's Internet Protection Act (CIPA), a library or school must be able to disable the technology protection measure (TPM) for any adult.

True

Cascading Style Sheets (CSS), Common Gateway Interface (CGI), and Hypertext Markup Language (HTML) are standards developed or endorsed by the ____________.

World Wide Web Consortium (W3C)

The stated purpose of the ___________ is to develop protocols and guidelines that unify the World Wide Web and ensure its long-term growth.

World Wide Web Consortium (W3C)

The regulating agency for the Sarbanes-Oxley Act is the ________.

Securities and Exchange Commission

________ is a document produced by the Internet Engineering Task Force (IETF) that contains standards as well as other specifications or descriptive contents.

A Request for Comments (RFC)

Which is the highest level of Check Point certification for network security?

CCMA

The National Institute of Standards and Technology (NIST) is the main United Nations agency responsible for managing and promoting information and technology issues.

False

The International Electrotechnical Commission (IEC) develops and publishes international standards for technologies related to electrical and electronic devices and processes.

True

The International Electrotechnical Commission (IEC) is an international nonprofit organization that focuses on developing and distributing standards that relate to electricity and electronics.

True

The purpose of DoD Directive 8570.01 is to reduce the possibility that unqualified personnel can gain access to secure information.

True

The Federal Information Security Management Act (FISMA) requires each federal agency to create an agency-wide information security program that includes a plan to fix weaknesses in the program. This is referred to as ________.

remedial actions

What is the National Institute of Standards and Technology (NIST)?

A federal agency within the U.S. Department of Commerce whose mission is to "promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life"

The ________ is a U.S. standards organization whose goal is to empower its members and constituents to strengthen the U.S. marketplace position in the global economy, while helping to ensure the safety and health of consumers and the protection of the environment.

American National Standards Institute (ANSI)

The ____________ concentration from (ISC)2 contains managerial elements such as project management, risk management, setting up and delivering a security awareness program, and managing a business continuity planning program.

CISSP-ISSMP

The regulating agency for the Children's Internet Protection Act is the ________.

Department of Health and Human Services

The International Telecommunication Union (ITU) is the predominant organization for developing and publishing international standards for technologies related to electrical and electronic devices and processes.

False

The United States has one comprehensive data protection law known as the Personal Information Protection and Electronic Documents Act.

False

