INFX Chapter 12.3: Security Policies


Which policies are the formal rules and guidelines that a business puts in place to hire, train, assess, and reward the members of their company?

Human Resource Policies

What is the most common security policy failure?

Lack of user awareness

A code of ethics accomplishes all but which of the following?

Clearly defines courses of action to take when a complex issue is encountered.

What is the primary goal of business continuity planning?

Maintaining business operations with reduced or restricted infrastructure capabilities or resources

Which policy outlines how the organization will secure private information for employees, clients, and customers?

Privacy Policy

Which policy covers privileged user accounts, meaning any account that gives full access to the system?

Privileged User Account Policy

Which policy covers accounts that give users the ability to access and modify critical system settings, view restricted data, and so on?

Privileged User Account Policy

When analyzing assets, which analysis method assigns financial values to assets?

Quantitative

Which policy is a document that outlines and defines remote connection methods that are accepted by a company?

Remote Access Policy

Your company has developed and implemented countermeasures for the greatest risks to their assets. However, there is still some risk left. What is the remaining risk called?

Residual risk

Which policy defines the overall security outlook for an organization?

Security Policy

Which business document is a contract that defines the tasks, time frame, and deliverables that a vendor must perform for a client?

Statement of work

Arrange the steps in the change and configuration management process on the left into correct completion order on the right.

1. Identify 2. Conduct . 3. Define 4. Notify 5. Implement 6. Test 7. Document

Which of the following is an example of an internal threat?

A user accidentally deletes the new product designs.

Which policy identifies whether employees have rights to use company property, such as internet access and computer equipment, for personal use?

Acceptable Use Policy (AUP)

Which of the following defines an acceptable use agreement?

An agreement that identifies the employee's rights to use company property, such as internet access and computer equipment, for personal use.

You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device?

Change management

Which policy documents access control to company resources and information and specifies who is allowed to access an organization's various systems?

Authorized Access Policy

You are concerned about the amount of traffic that passes through a router on your network. You want to see how the amount of traffic has changed over time. Which document would help you identify past average network traffic?

Baseline

In business continuity planning, what is the primary focus of the scope?

Business processes

Which policy provides a structured approach to securing company assets and making process changes?

Change and Configuration Management Policy

You are troubleshooting a workstation connection to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update?

Change documentation

Which of the following network strategies connects multiple servers together so that if one server fails, the others immediately take over its tasks, preventing a disruption in service?

Clustering

What is a set of rules or standards that help you to act ethically in various situations?

Code of Ethics

You want to make sure that the correct ports on a firewall are open or closed. Which document should you check?

Configuration documentation

When recovery is being performed due to a disaster, which services are to be stabilized first?

Mission critical

When troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet addresses of each connected subnet. Which type of document would most likely have this information?

Network diagram

Which phase occurs when the relationship with the third party ends and you need to ensure that all of the doors that were opened between organizations during the onboarding phase are closed?

Off-boarding

Which phase applies when one organization needs to work directly with another in either a vendor or partner relationship and steps should be taken to ensure that the integration process maintains the security of each party's network?

Onboarding

Which policy details the requirements for passwords?

Password Policy

A new law was recently passed that states that all businesses must keep a history of the emails sent between members of the board of directors. You need to ensure that your organization complies with this law. Which document type would you update first in response to this new law?

Policy

Which policy outlines how personally identifiable information (PII) can be used and how it is protected from disclosure?

Privacy Policy

Purchasing insurance is what type of response to risk?

Transference

Which policy identifies actions that must take place when an employee's status changes?

User Management Policy

Which policy applies when the administrator of a network for an organization needs to be aware of new employees, employee advancements and transfers, and terminated employees to ensure the security of the system?

User Management Policy

You have installed anti-virus software on computers at your business. Within a few days, however, you notice that one computer has a virus. When you question the computer's user, she says she did install some software a few days ago, but it was supposed to be a file compression utility. She admits she did not scan the file before running it. What should you add to your security measures to help prevent this from happening again?

User awareness training

Which of the following terms describes a test lab environment that does not require the use of physical hardware?

Virtual sandbox

When is choosing to do nothing about an identified risk acceptable?

When the cost of protecting the asset is greater than the potential loss

Which type of documentation would you consult to find the location of RJ45 wall jacks and their endpoints in the intermediate distribution closet?

Wiring schematic

