Cyber Security- Ch.5 Security Operations Quiz

A set of security controls or system settings used to ensure uniformity of configuration throughout the IT environment. (D5.2, L5.2.1)

Baseline.

Which of the following can be used to map data flows through an organization and the relevant security controls used at each point along the way? (D5.1, L5.1.1)

Data life cycle.

A ready visual cue to let anyone in contact with the data know what the classification is. (D5.1, L5.1.1)

Label. The label reflects the classification of a given piece of data.

Which of the following is always true about logging? (D5.1, L5.1.3)

Logs should be stored separately from the systems they're logging

What is the most important aspect of security awareness/training? (D5.4, L5.4.1)

Protecting health and human safety

Who is responsible for publishing and signing the organization's policies? (D5.3, L5.3.1)

Senior Management

A mode of encryption for ensuring confidentiality efficiently, with a minimum amount of processing overhead (D5.1, L5.1.3)

Symmetric.

Which organizational policy is most likely to indicate which types of smartphones can be used to connect to the internal IT environment? (D5.3, L5.3.1)

The BYOD policy (bring your own device). The BYOD policy typically describes which devices can be used to process data and access networks belonging to the organization.

Which entity is most likely to be tasked with monitoring and enforcing security policy? (D5.3, L5.3.1)

The security office

Why is an asset inventory so important? (D5.2, L5.2.1)

You can't protect what you don't know you have