IS 413- Final Exam Review
The __________ vulnerability assessment is a process that is designed to find and document selected vulnerabilities that are likely to be present on the internal network of the organization.
intranet
A __________ is usually the best approach to security project implementation.
phased implementation
You should adopt naming standards that do not convey information to potential system attackers. t/f
true
Class __________ fires are safely extinguished with non-conducting agents only.
class C
The policy administrator is responsible for the creation, revision, distribution, and storage of the policy. t/f
true
Common vulnerability assessment processes include:
all of choices
A(n) key is the steps used to convert an unencrypted message into an encrypted sequence of bits that represent the message; sometimes refers to the programs that enable the cryptographic processes. t/f
false
A(n) sequential roster is activated as the first person calls a few people on the roster, who in turn call a few other people. t/f
false
Loss event frequency is the combination of an asset's value and the percentage of it that might be lost in an attack. t/f
false
Many hiring managers in information security prefer to recruit a security professional who already has proven HR skills and professional experience, since qualified candidates with information security experience are scarce. t/f
false
Once a(n) back door has infected a computer, it can redistribute itself to all e-mail addresses found on the infected system. t/f
false
The Federal Privacy Act of 1974 regulates government agencies and holds them accountable if they release information about national security without permission. t/f
false
The disadvantages of using the honeypot or padded cell approach include the fact that the technical implications of using such devices are not well understood. t/f
false
When voltage levels lag (experience a momentary increase), the extra voltage can severely damage or destroy equipment. t/f
false
By managing the __________, the organization can reduce unintended consequences by having a process to resolve potential conflict and disruption that uncoordinated change can introduce.
process of change
__________ law regulates the structure and administration of government agencies and their relationships with citizens, employees, and other governments.
public law
The __________ control strategy attempts to shift risk to other assets, other processes, or other organizations.
transfer
In static filtering, configuration rules must be manually created, sequenced, and modified within the firewall.. t/f
true
Many states have implemented legislation making certain computer-related activities illegal. t/f
true
Which of the following is not one of the categories of positions as defined by Schwartz, Erwin, Weafer, and Briney?
user