Info Security Quiz 3
A(n) ________ is an event that prevents a critical business function (CBF) from operating for a period greater than the maximum tolerable downtime (MTD)
Disaster
Adopting ethical boundaries in an attempt to demonstrate them to others is considered
Encouraging the adoption of ethical guidelines and standards
If a system reports an intrusion alert each time an administrator connects to a server using SSH (secure shell) what type of error is that?
False Positive Error
Antivirus, firewall, and email use policies belong to what part of a security policy hierarchy
Functional Policies
What is a set of concepts and policies for managing IT infrastructure, development, and operations? The information is published in a series of books, each covering a separate IT management topic.
ITIL
When should an organization's managers have an opportunity to respond to the findings in an audit?
Managers can respond to a draft copy of the audit report
Security controls place limits on risky activities. if you are permanently reviewing all your controls to capture change on the go in any component, you are
Monitoring
What is the least likely goal of an information security awareness program?
Punish users who violate the policy
What is the correct order of change control procedures regarding changes to systems and networks?
Request, Impact assessment, Approval, Build/Test, Implement, monitor
Which intrusion detections system strategy relies on pattern matching?
Signature detection
BPA - True or False? A blanket purchase agreement (BPA) creates pre-approved accounts with qualified suppliers to fulfill recurring orders for products or services.
True
HIDS - True or False? A host-based intrusion detection system (HIDS) can recognize an anomaly that is specific to a particular machine or user
True
True or False? After audit activities are completed, auditors perform data analysis
True
True or False? One way to harden a system is to turn off or disable unnecessary services?
True
True or False? You must continue to make backups of data and systems while running at an alternate site
True
