Information/Cyber Security Questions
Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve? Developing in-house talent, Reduced operating costs, Access to a high level of expertise, Building internal knowledge
Access to a high level of expertise
Which technology category would not likely be the subject of a standard published by the International Electrotechnical Commission (IEC)? Solar energy, Encryption, Semiconductors, Consumer appliances
Encryption
Privacy is the process used to keep data private. True or False
False
Which term accurately describes Layer 3 of the Open Systems Interconnection (OSI) model? Physical, Application, Network, Session
Network
Joe is responsible for the security of the industrial control systems for a power plant. What type of environment does Joe administer? Mobile, Embedded, Mainframe, Supervisory Control and Data Acquisition (SCADA)
Supervisory Control and Data Acquisition (SCADA)
The Federal Trade Commission (FTC) Safeguards Rule requires a financial institution to create a written information security program that must state how the institution collects and uses customer data. True or False
True
The Internet Architecture Board (IAB) is a subcommittee of IETF. True or False
True
Which one of the following is an example of a disclosure threat? Alteration, Destruction, Denial, Espionage
Espionage
During the security phase of a security review, you review and measure all controls to capture actions and changes on the system. True or False
False
System infectors are viruses that attack document files containing embedded macro programming capabilities. True or False
False
The Family Educational Rights and Privacy Act (FERPA) requires that specific information security controls be implemented to protect student records. True or False
False
The International Standard Book Number (ISBN) is an IEEE standard. True or False
False
Which document is the initial stage of a standard under the Internet Engineering Task Force (IETF) process? Standard (STD), Best Current Practice (BCP), Draft Standard (DS), Proposal Standard (PS)
Proposal Standard (PS)
Taylor is preparing to submit her company's Payment Card Industry Data Security Standard (PCI DSS) self-assessment questionnaire. The company uses a payment application that is connected to the Internet but does not conduct e-commerce. What self-assessment questionnaire (SAQ) should she use? SAQ A, SAQ C, SAQ D, SAQ B
SAQ C
Which one of the following is an example of two-factor authentication? Password and security questions, Personal identification number (PIN) and password, Token and smart card, Smart card and personal identification number (PIN)
Smart card and personal identification number (PIN)
Purchasing an insurance policy is an example of the _______ risk management strategy. Reduce, Transfer, Avoid, Accept
Transfer
Protected health information (PHI) is individually identifiable information about a person's health. True or False
True
The most critical aspect of a WAN services contract is how the service provider supplies troubleshooting, network management, and security management services. True or False
True
Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology can she use? Virtual LAN (VLAN), Firewall, Transport Layer Security (TLS), Virtual Private Network (VPN)
Virtual LAN (VLAN)
Allie is working on the development of a web browser and wants to make sure that the browser correctly implements the Hypertext Markup Language (HTML) standard. What organization's documentation should she turn to for the authoritative source of information? World Wide Web Consortium (W3C), International Electrotechnical Commission (IEC), Internet Engineering Task Force (IETF), National Institute of Standards and Technology (NIST)
World Wide Web Consortium (W3C)