CH. 12-15

Security training programs typically differ from security education programs in their focus on ______________.

hands-on skills

What series of Special Publications does the National Institute of Standards and Technology (NIST) produce that covers information systems security activities?

800

What DoD directive requires that information security professionals in the government earn professional certifications?

8140

Donna is building a security awareness program designed to meet the requirements of the Payment Card Industry Data Security Standard (PCI DSS) 3.2. How often must she conduct training for all current employees?

Annually

Mary is designing a software component that will function at the Presentation Layer of the Open Systems Interconnection (OSI) model. What other two layers of the model will her component need to interact with?

Application and Session

__________ is a continuous process designed to keep all personnel vigilant.

Awareness

What certification focuses on information systems audit, control, and security professionals?

Certified Information Systems Auditor (CISA)

Which of the following certifications is considered the flagship Information Systems Security Certification Consortium, Inc. (ISC)² certification and the gold standard for information security professionals?

Certified Information Systems Security Professional (CISSP)

Maya is creating a computing infrastructure compliant with the Payment Card Industry Data Security Standard (PCI DSS). What type of information is she most likely trying to protect?

Credit card information

What is the highest level of academic degree that may be earned in the field of information security?

Doctor of philosophy (PhD)

Which organization creates information security standards that specifically apply within the European Union?

European Telecommunications Standards Institute (ETSI) Cyber Security Technical Committee (TC CYBER)

Erin is a system administrator for a federal government agency. What law contains guidance on how she may operate a federal information system?

Federal Information Security Management Act (FISMA)

Vincent recently went to work for a hospital system. He is reading about various regulations that apply to his new industry. What law applies specifically to health records?

Health Insurance Portability and Accountability Act (HIPAA)

Tim is implementing a set of controls designed to ensure that financial reports, records, and data are accurately maintained. What information security goal is Tim attempting to achieve?

Integrity

Bill is conducting an analysis of a new IT service. He would like to assess it using the Open Systems Interconnection (OSI) model and would like to learn more about this framework. What organization should he turn to for the official definition of OSI?

International Organization for Standardization (ISO)

Alison retrieved data from a company database containing personal information on customers. When she looks at the SSN field, she sees values that look like this: "XXX-XX-9142." What has happened to these records?

Masking

What federal government agency is charged with the responsibility of creating information security standards and guidelines for use within the federal government and more broadly across industries?

National Institute of Standards and Technology (NIST)

Which term accurately describes Layer 3 of the Open Systems Interconnection (OSI) model?

Network

Brian is the information security training officer for a health care provider. He wants to develop a training program that complies with the provisions of the Health Insurance Portability and Accountability Act (HIPAA). Which of the following topics must be included?

Password management

A security awareness program that focuses on an organization's Bring Your Own Device (BYOD) policy is designed to cover the use of what type of equipment?

Personally owned devices

Which of the following programs requires passing a standardized examination that is based upon a job-task analysis?

Professional certification

What type of organizations are required to comply with the Sarbanes-Oxley (SOX) Act?

Publicly traded companies

What type of publication is the primary working product of the Internet Engineering Task Force (IETF)?

Request for comment (RFC)

Which of the following items would generally NOT be considered personally identifiable information (PII)?

Trade secret

Allie is working on the development of a web browser and wants to make sure that the browser correctly implements the Hypertext Markup Language (HTML) standard. What organization's documentation should she turn to for the authoritative source of information?

World Wide Web Consortium (W3C)

