Is 456 Ch.4

अब Quizwiz के साथ अपने होमवर्क और परीक्षाओं को एस करें!

The Children's Online Privacy Protection Act (COPPA) restricts the collection of information online from children. What is the cutoff age for COPPA regulation?

13

Which one of the following is the best example of an authorization control?

Access control lists

Tom is the IT manager for an organization that experienced a server failure that affected a single business function. What type of plan should guide the organization's recovery effort?

Business continuity plan (BCP)

What is the first step in a disaster recovery effort?

Ensure that everyone is safe

What compliance regulation applies specifically to the educational records maintained by schools about students?

FERPA

Which one of the following is an example of a direct cost that might result from a business disruption?

Facility repair

Betsy recently assumed an information security role for a hospital located in the United States. What compliance regulation applies specifically to health care providers?

HIPAA

Which one of the following is an example of a reactive disaster recovery control?

Moving to a warm site

What level of technology infrastructure should you expect to find in a cold site alternative data center facility?

No technology infrastructure

Which item in a Bring Your Own Device (BYOD) policy helps resolve intellectual property issues that may arise as the result of business use of personal devices?

Onboarding/offboarding

Holly would like to run an annual major disaster recovery test that is as thorough and realistic as possible. She also wants to ensure that there is no disruption of activity at the primary site. What option is best in this scenario?

Parallel test

Alan is developing a business impact assessment for his organization. He is working with business units to determine the maximum allowable time to recover a particular function. What value is Alan determining?

Recovery Time Objective (RTO)

Which formula is typically used to describe the components of information security risks?

Risk = Threat X Vulnerability

Earl is preparing a risk register for his organization's risk management program. Which data element is LEAST likely to be included in a risk register?

Risk survey results

Which is NOT one of the three tenets of information security?

Safety

The term risk management describes the process of identifying, assessing, prioritizing, and addressing risks.

True


संबंधित स्टडी सेट्स

2.1.1 PLTW Intro to biomedical science

View Set

intro to project ch 1- number set 2

View Set

Property and Casualty Insurance Terms and Related Concepts

View Set

Ch 4 Managing Income Taxes Part 1

View Set