Security Review 3


A passive IDPS response is a definitive action automatically initiated when certain types of alerts are triggered.

False

Fire detection systems fall into two general categories: manual and electrical.

False

In some organizations, asset management is the identification, inventory, and documentation of the current information system's status—hardware, software, and networking configurations. __________

False

Residual risk is the risk that has not been removed, shifted, or planned for after vulnerabilities have been completely resolved.

False

The Gramm-Leach-Bliley Act is a critical piece of legislation that affects the executive management of publicly traded corporations and public accounting firms. _________________________

False

The general management community of interest must plan for the proper staffing of the information security function. _________________________

False

The primary advantages of a centralized IDPS control strategy are cost and ease of use. _________________________

False

The systems development life cycle (SDLC) is the overall process of developing, implementing, and retiring information systems through a multistep approach—from initiation to use. __________

False

Two watchdog organizations that investigate allegations of software abuse are the Software & Information Industry Association (SIIA) and National Security Agency (NSA).

False

An information security ________ is a specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls, including information security policies, security education, and training.

Framework

In many organizations, information security teams lack established roles and responsibilities.

True

SP 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, provides best practices and security principles that can direct the security team in the development of a security ________.

Blueprint

A primary mailing list for new vulnerabilities, called simply __________, provides time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited and reporting on how to remediate them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing lists.

Bugtraq

The date for sending the final RFP to vendors is considered a(n) __________, because it signals that all RFP preparation work is complete.

Milestone

Acts of ____________________ can lead to unauthorized real or virtual actions that enable information gatherers to enter premises or systems they have not been authorized to enter.

Trespass

One encryption method made popular by spy movies involves using the text in a book as the key to decrypt a message.

True

Organizations can use dictionaries to regulate password selection during the reset process and thus guard against easy-to-guess passwords.

True

Security efforts that seek to provide a superior level of performance in the protection of information are referred to as best business practices. _________________________

True

The Computer Security Resource Center at NIST provides several useful documents free of charge in its special publications area. _________________________

True

The ISO/IEC 27000 series is derived from an earlier standard, BS7799.

True

The International Society of Forensic Computer Examiners (ISFCE) offers the Certified Computer Examiner (CCE) certification. _________________________

True

The basic function of the external monitoring process is to monitor activity, report results, and escalate warnings. __________

True

The online UPS can deliver a constant, smooth, conditioned power stream to computing systems.

True

The optimal time frame for training is usually one to three weeks before the new policies and technologies come online. _________________________

True

The process of integrating information security perspectives into the hiring process begins with reviewing and updating all job descriptions.

True
