Quiz 7 Coms System Security

The first step in the risk management process is to monitor and control deployed countermeasures.

False

Violet deploys an intrusion prevention system (IPS) on her network as a security control. What type of control has Violet deployed?

Preventive

What is a key principle of risk management programs?

Don't spend more to protect an asset than it is worth.

What term describes the longest period of time that a business can survive without a particular critical system?

Maximum tolerable downtime (MTD)

Which data source comes first in the order of volatility when conducting a forensic investigation?

RAM

Adam is evaluating the security of a web server before it goes live. He believes that an issue in the code allows an SQL injection attack against the server. What term describes the issue that Adam discovered?

Vulnerability

Which control is NOT an example of a fault tolerance technique designed to avoid interruptions that would cause downtime?

Warm site

Forensics and incident response are examples of __________ controls.

corrective

Purchasing an insurance policy is an example of the ____________ risk management strategy.

transfer

The recovery point objective (RPO) can come from the business impact analysis or sometimes from a government mandate, such as banking laws.

True