Quiz #12 InfoSec

TRUE

ANSI produces standards that affect nearly all aspects of IT.

FALSE

All request for comments (RFC) originate from the Internet Engineering Task Force (IETF).

IEEE 802.3

Gary is troubleshooting a security issue on an Ethernet network and would like to look at the Ethernet standard. What publication should he seek out?

TRUE

ISO/IEC 27002 provides organizations with best-practice recommendations on information security management.

Credit card information

Maya is creating a computing infrastructure compliant with the Payment Card Industry Data Security Standard (PCI DSS). What type of information is she most likely trying to protect?

TRUE

Payment Card Industry Data Security Standard (PCI DSS) version 3.2 defines 12 requirements for compliance, organized into sic groups, called control objectives.

FALSE

The Institute of Electrical and Electronics Engineers (IEEE) publishes or sponsors more than 13,000 standards and projects.

TRUE

The International Electrotechnical Commission (IEC) was instrumental in the development of standards for electrical measurements, including gauss, hertz, and weber.

FALSE

The International Standard Book Number (ISBN) is an IEEE standard.

TRUE

The International Telecommunication Union (ITU) was formed in 1865 as the International Telegraph Union to develop international standards for the emerging telegraph communication industry.

TRUE

The Internet Architecture Board (IAB) is a subcommittee of the IETF.

TRUE

The Internet Engineering Task Force (IETF) is a collection of working groups (WGs), and each working group addresses a specific topic.

FALSE

The National Institute of Standards and Technology (NIST) is a nongovernmental organization whose goal is to develop and publish international standards.

FALSE

The National Institute of Standards and Technology (NIST) is the main United Nations agency responsible for managing and promoting information and technology issues.

TRUE

Visa, MasterCard, and other payment card vendors helped to create the Payment Card Industry Data Security Standard (PCI DSS)

National Institute of Standards and Technology (NIST)

What federal agency is charged with the mission of promoting "U.S innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life?"

Subject matter expertise or routing and switching

What is NOT an area where Internet Architecture Board (IAB) provides oversight on behalf of the Internet Engineering Task Force (IETF)

800

What series of Special Publications does the National Institute of Standards and Technology (NIST) produce that covers information systems security activities?

Proposed Standard (PS)

Which document is the initial stage of a standard under the Internet Engineering Task Force (IETF) process?

Cryptography

Which element is NOT a core component of the ISO 270002 standard?

American National Standards Institute (ANSI)

Which organization created a standard version of the widely used C programming language in 1989?

European Telecommunication Standards Institute (ETSI) Cyber Security Technical Committee (TC CYBER)

Which organization creates information security standards that specifically apply within the European Union?

International Telecommunication Union (ITU)

Which organization promotes technology issues as an agency of the United Nations?

Network

Which term accurately describes Layer 3 of the Open Systems Interconnection (OSI) model?

Hertz

Which unit of measure represents frequency and is expressed as the number of cycles per second?