Quiz #6 Info Sec


FALSE

A hardware configuration chart should NOT include copies of software configurations.

FALSE

A remediation liaison makes sure all personnel are aware of and comply with the organization's policies.

Threat

Aditya is attempting to classify information regarding a new project that his organization will undertake in secret. Which characteristic is NOT normally used to make this type of classification decision?

Baseline

Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?

Formatting

Bob is preparing to dispose of magnetic media and wishes to destroy the data stored on it. Which method is NOT a good approach for destroying data?

FALSE

Change doesn't create a risk for a business.

TRUE

Classification scope determines what data you should classify; classification process determines how you handle classified data.

Authorizing official (AO)

In an accreditation process, who has the authority to approve a system for implementation?

Authorization

Janet is identifying the set of privileges that should be assigned to a new employee in her organization. Which phase of the access control process is she performing?

Project initiation and planning

Marguerite is creating a budget for a software development project. What phase of the system life cycle is she undertaking?

FALSE

Often an extension of a memorandum of understanding (MOU), the blanket purchase agreement (BPA) serves as an agreement that documents the technical requirements of interconnected assets.

TRUE

One advantage of using a security management firm for security monitoring is that it has a high level of expertise.

TRUE

Policies that cover data management should cover transitions throughout the data life cycle.

Phishing

Roger's organization received a mass email message that attempted to trick users into revealing their passwords by pretending to be a help desk representative. What category of social engineering is this an example of?

Memorandum of understanding (MOU)

Which agreement type is typically less formal than other agreements and expresses areas of common interest?

Laws

Which of the following would NOT be considered in the scope of organizational compliance efforts?

Enforcing the integrity of computer-based information

Which practice is NOT considered unethical under RFC 1087 issued by the Internet Architecture Board (IAB)?

TRUE

With proactive change management, management initiates the change to achieve a desired goal.

Access to high level of expertise

Mark is considering outsourcing security functions to a third-party provider. What benefit is he most likely to achieve?

TRUE

The idea that users should be granted only the levels of permissions they need in order to perform their duties is called the principle of least privilege.

Request, impact assessment, approval, build/test, implement, monitor

What is the correct order of steps in the change control process?

Punish users who violate policy

What is NOT a goal of information security awareness programs?

TRUE

Written security policies document management's goals and objectives.

Waterfall

In what software development model does activity progress in a lock-step sequential process where no phase begins until the previous phase is complete?

TRUE

Social engineering is deceiving or using people to get around security controls.

