Info Security Chapters 13-15
Continuing professional education (CPE) credits typically represent ________ minutes of classroom time per CPE unit.
50
Taylor is a security professional working for a retail organization. She is hiring a firm to conduct the Payment Card Industry Data Security Standard (PCI DSS) required quarterly vulnerability scans. What credential should she seek in a vendor?
Approved scanning vendor (ASV)
Howard is leading a project to commission a new information system that will be used by a federal government agency. He is working with senior officials to document and accept the risk of operation prior to allowing use. What step of the risk management framework is Howard completing?
Authorize the IT system for processing
__________ is a continuous process designed to keep all personnel vigilant.
Awareness
Jim is an experienced security professional who recently accepted a position in an organization that uses Check Point firewalls. What certification can Jim earn to demonstrate his ability to administer these devices?
CCSA
Which of the following certifications is considered the flagship Information Systems Security Certification Consortium, Inc. (ISC)² certification and the gold standard for information security professionals?
Certified Information Systems Security Professional (CISSP)
What certification focuses on information systems audit, control, and security professionals?
Certified Information Systems Auditor (CISA)
Betty visits a local library with her young children. She notices that someone using a computer terminal in the library is visiting pornographic websites. What law requires that the library filter offensive web content for minors?
Children's Internet Protection Act (CIPA)
Which of the following Cisco certifications demonstrates the most advanced level of security knowledge?
Cisco Certified Internetwork Expert (CCIE) Security
Alan withdraws cash from an ATM belonging to Bank X that is coming from his account with Bank Y. What is Alan's relationship with Bank Y?
Customer
Which of the following graduate degree programs focuses on managing the process of securing information systems, rather than the technical aspects of information security?
MBA
Alison retrieved data from a company database containing personal information on customers. When she looks at the SSN field, she sees values that look like this: "XXX-XX-9142." What has happened to these records?
Masking
What federal government agency is charged with the responsibility of creating information security standards and guidelines for use within the federal government and more broadly across industries?
National Institute of Standards and Technology (NIST)
Brian is the information security training officer for a health care provider. He wants to develop a training program that complies with the provisions of Health Insurance Portability and Accountability Act (HIPAA). Which of the following topics must be included?
Password Management
Under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, what type of safeguards must be implemented by all covered entities, regardless of the circumstances?
Required
Which of the following is NOT one of the rights afforded to students (or the parents of a minor student) under the Family Educational Rights and Privacy Act (FERPA)?
Right to delete unwanted information from records
Which of the following items would generally NOT be considered personally identifiable information (PII)?
Trade Secret