quiz 6 owusu
The __________ is an intermediate area between a trusted network and an untrusted network.
DMZ
The transfer of large batches of data to an off-site facility, usually through leased lines or services, is called ____.
Electronic Vaulting
Each policy should contain procedures and a timetable for periodic review.
True
Good security programs begin and end with policy.
True
Lattice-based access control is a form of access control in which users are assigned a matrix of authorizations for particular areas of access.
True
In most common implementation models, the content filter has two components: __________.
rating and filtering
The dominant architecture used to secure network access today is the __________ firewall.
screened subnet
__________ inspection firewalls keep track of each network connection between internal and external systems.
stateful
The documented product of strategic planning, a plan for the organization's intended strategic efforts over the next several years.
strategic plan
According to NIST SP 800-14's security principles, security should ________.
"support the mission of the organization, require a comprehensive and integrated approach, be cost effective" All of the above.
The SETA program is a control measure designed to reduce the instances of ___________ security breaches by employees.
Accidental
Redundancy can be implemented at a number of points throughout the security architecture, such as in ____.
All of the above
Authentication is a mechanism whereby unverified entities or supplicants who seek access to a resource provide a label by which they are known to the system.
False
Discretionary access control is an access control approach whereby the organization specifies use of resources based on the assignment of data classification schemes to resources and clearance levels to users.
False
____ controls address personnel security, physical security, and the protection of production inputs and outputs.
Operational
_________________ is an agency that provides a service for a fee. In the case of disaster recovery and continuity planning, the service is the agreement to provide physical facilities in the event of a disaster. These types of agencies also frequently provide offsite data storage for a fee.
Service Bureau
The transfer of transaction data in real-time to an off-site facility is called _____.
Remote journaling
Packet-filtering firewalls scan network data packets looking for compliance with the rules of the firewall's database.
True
The policy administrator is responsible for the creation, revision, distribution, and storage of the policy.
True
You can create a single comprehensive ISSP document covering all information security issues.
True
A ____ site provides only rudimentary services and facilities.
cold
Security ____ are the areas of trust within which users can freely communicate.
domains
The security framework is a more detailed version of the security blueprint.
false
In IPSec's __________ mode, the data within an IP packet is encrypted, but the header information is not.
transport
The primary benefit of a VPN that uses _________ is that an intercepted packet reveals nothing about the true destination system.
tunnel mode