Cyber Security Chapter 8 Quiz

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Unauthorized visitors have entered a company office and are walking around the building. What two measures can be implemented to prevent unauthorized visitor access to the building? (Choose two.)

Establish policies and procedures for guests visiting the building, Conduct security awareness training regularly.

If a person knowingly accesses a government computer without permission, what federal act laws would the person be subject to?

CFAA

An organization has implemented a private cloud infrastructure. The security administrator is asked to secure the infrastructure from potential threats. What three tactics can be implemented to protect the private cloud? (Choose three.)

Disable ping, probing, and port scanning, Test inbound and outbound traffic, Update devices with security fixes and patches.

A consultant is hired to make recommendations on managing device threats in a company. What are three general recommendations that can be made? (Choose three.)

Enable screen lockout, Disable administrative rights for users, Enable automated antivirus scans.

A school administrator is concerned with the disclosure of student information due to a breach. Under which act is student information protected?

FERPA

As part of HR policy in a company, an individual may opt-out of having information shared with any third party other than the employer. Which law protects the privacy of personal shared information?

GLBA

What are two items that can be found on the Internet Storm Center website? (Choose two.)

InfoSec job postings, InfoSec reports

Why is Kali Linux a popular choice in testing the network security of an organization?

It is an open source Linux security distribution and contains over 300 tools.

What can be used to rate threats by an impact score to emphasize important vulnerabilities?

NVD

A breach occurs in a company that processes credit card information. Which industry specific law governs credit card data protection?

PCI DSS

A company has had several incidents involving users downloading unauthorized software, using unauthorized websites, and using personal USB devices. The CIO wants to put in place a scheme to manage the user threats. What three things might be put in place to manage the threats? (Choose three.)

Provide security awareness training, Disable CD and USB access, Use content filtering.

A company is attempting to lower the cost in deploying commercial software and is considering a cloud based service. Which cloud based service would be best to host the software?

SaaS

An auditor is asked to assess the LAN of a company for potential threats. What are three potential threats the auditor may point out? (Choose three.)

a misconfigured firewall, unauthorized port scanning and network probing, unlocked access to network equipment

What are the three broad categories for information security positions? (Choose three.)

builders, definers, monitors

What are two potential threats to applications? (Choose two.)

data loss, unauthorized access

What three services does CERT provide? (Choose three.)

develop tools, products, and methods to conduct forensic examinations, resolve software vulnerabilities, develop tools, products, and methods to analyze vulnerabilities

As a security professional, there is a possibility to have access to sensitive data and assets. What is one item a security professional should understand in order to make informed ethical decisions?

laws governing the data

What are three disclosure exemptions that pertain to the FOIA? (Choose three.)

national security and foreign policy information, law enforcement records that implicate one of a set of enumerated concerns, confidential business information

A security professional is asked to perform an analysis of the current state of a company network. What tool would the security professional use to scan the network only for security risks?

vulnerability scanner


Ensembles d'études connexes

Chapter 09: Teaching and Counseling

View Set

Indiana Laws and Department Rules Common to All Lines

View Set

Psychology 2301 Comprehensive Final Exam

View Set

Dependent/Matched/Paired Sample T-tests

View Set

STUDY: UNIT III EXAM. CHAPTERS 10, 12, and 13 CONCEPTS

View Set

Live Virtual Machine Lab 7.1: Module 07 Security Assessment Techniques

View Set

CH.8 Video Marketing and Youtube

View Set

Pol Sci 369 Final Multiple Choice Qs

View Set