CSIS 340 Chapter 4
A key component of IT security is authorization, which is especially important in large, complex organizations with thousands of employees and hundreds of systems. Two methods of authorization are role-based access control (RBAC) and attribute-based access control (ABAC). Although RBAC and ABAC can provide the same access, which of the following is an advantage of ABAC?
In ABAC, roles are expressed more in business terms and thus may be more understandable.
There are several types of domains in the IT infrastructure. Which of the following is not one of these domains?
VPN
Bring Your Own Device (BYOD) is a current trend within many organizations, which raises a host of security policy questions that must be addressed for handheld device use. Which of the following is not one of the questions?
What is a reason the person owns the device?
An efficient organization requires the proper alignment of people, processes, and technology. One of the ways good security policies can mitigate this risk is through enforcement. Which of the following situations is an example of enforcement?
an employee is given the authority to request a wire transfer, and a manager is required to approve the transfer
Though there are many ways to group security policies, a common method is to organize common risks and related policy issues into __________________ that share similarities but are distinctive enough to allow logical separation into more manageable secure areas.
domains
Which of the following is not one of the common network devices found on the LAN domain?
flat network
Using switches, routers, internal firewalls, and other devices, you can restrict network traffic with a ____________________, which limits what and how computers are able to talk to each other.
segmented network
A typical data leakage protection program provides several layers of defense to prevent confidential data from leaving the organization. Which of the following is not one of the layers of defense?
self-regulation
Remote authentication has always been a concern because the person is coming from a public network, and many companies require two-factor authentication for remote access. Which of the following is not one of the most commonly accepted types of credentials?
something you want to know
In a LAN domain, a _______________ is similar to a hub but can filter traffic, a ______________ connects LANs, or a LAN and a WAN, and a ______________ is a software or hardware device that filters traffic in and out of a LAN.
switch, router, firewall
_______________ is a measurement that quantifies how much information can be transmitted over the network.
Bandwidth
One of the key functionalities of a central management system is inventory management, which does which of the following?
This system tracks devices as they connect to the LAN, which devices are on the network, and how often they connect to the LAN.
Many organizations have a(n) _____________ policy in place to manage the business concern of how to handle sensitive information in physical form, such as reports. This policy generally requires employees to lock up all documents and digital media at the end of a workday and when not in use.
clean desk
In recent years, ___________________ has emerged as a major technology. It provides a way of buying software, infrastructure, and platform services on someone else's network.
cloud computing
A(n) ___________________ sets expectations on the use and security of mobile devices, whereas a(n) _________________ establishes a broad set of rules for approved conduct when a user accesses information on company-owned devices.
corporate mobility policy, acceptable use policy
The concept of _________________ comes from the acknowledgment that data changes form and often gets copied, moved, and stored in many places. Sensitive data often leaves the protection of application databases and ends up in e-mails, spreadsheets, and personal workstation files.
data loss protection
In order to move data from an unsecure WAN to a secure LAN, you typically begin by segmenting a piece of your LAN into a _________________________, which sits on the outside of your private network facing the public Internet. Servers in this area provide public-facing access to the organization, such as public Web sites.
demilitarized zone (DMZ)
The _______________ domain refers to any endpoint device used by end users, which includes, but is not limited to, any smart device in the end user's physical possession and any device accessed by the end user, such as a smartphone, laptop, workstation, or mobile device.
workstation
Authentication of a workstation and encryption of wireless traffic are issues that belong to which of the following two domains?
workstation and LAN