Quiz 6 Information Security Fundamentals

Ace your homework & exams now with Quizwiz!

A hardware configuration chart should NOT include copies of software configurations.

False - *Copies of all software configurations pg. 199*

The term "data owner" refers to the person or group that manages an IT infrastructure.

False - The Answer is *system owners*

Certification is the formal agreement by an authorizing official to accept the risk of implementing a system.

False - The answer is *Accreditation*

Often an extension of a memorandum of understanding (MOU), the blanket purchase agreement (BPA) serves as an agreement that documents the technical requirements of interconnected assets.

False -The answer is *Interconnection security agreement (ISA)*

Which agreement type is typically less formal than other agreements and expresses areas of common interest?

Memorandum of understanding (MOU)

Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?

Baseline

Mandatory vacations minimize risk by rotating employees among various systems or duties.

False -The answer is *job rotation*

Roger's organization received a mass email message that attempted to trick users into revealing their passwords by pretending to be a help desk representative. What category of social engineering is this an example of?

Phishing

What is NOT a goal of information security awareness programs?

Punish users who violate policy

Company-related classifications are not standard, therefore, there may be some differences between the terms "private" and "confidential" in different companies.

True

Policies that cover data management should cover transitions throughout the data life cycle.

True

In what software development model does activity progress in a lock-step sequential process where no phase begins until the previous phase is complete?

Waterfall

What is the correct order of steps in the change control process?

Request, impact assessment, approval, build/test, implement, monitor - *pg 202*

Configuration changes can be made at any time during a system life cycle and no process is required.

False


Related study sets

CH. 14: Nonadaptive Evolution and Speciation: Urban Evolution

View Set

Fundamentals Practice Assessment A

View Set

Cognitive Psychology Exam 2 Questions

View Set

0. Vistas 2, Chapter 10, d-Imperfect Tense: 3. Activity #26 Practice- ¡Inténtalo! Estructura 10.1

View Set

Medieval Europe and the Renaissance

View Set