Extra Q Chap 14

26 Questions | Total Attempts: 140

SettingsSettingsSettings
Please wait...
Company Quizzes & Trivia

EXTRA QUESTIONS CHAP 14


Questions and Answers
  • 1. 
    Audits serve to verify that the security protections enacted by an organization are being followed and that corrective actions can be swiftly implemented before an attacker exploits a vulnerability.
    • A. 

      True

    • B. 

      False

  • 2. 
    The objective of incident response is to restore normal operations as quickly as possible with the least possible impact on either the business or the users.
    • A. 

      True

    • B. 

      False

  • 3. 
    Most organizations follow a three-phase cycle in the development and maintenance of a security policy.
    • A. 

      True

    • B. 

      False

  • 4. 
    A due process policy is a policy that defines the actions users may perform while accessing systems and networking equipment.
    • A. 

      True

    • B. 

      False

  • 5. 
    Education in an enterprise is limited to the average employee.
    • A. 

      True

    • B. 

      False

  • 6. 
    At the heart of information security is the concept of ____.
    • A. 

      Threat

    • B. 

      Mitigation

    • C. 

      Risk

    • D. 

      Management

  • 7. 
    Because the impact of changes can potentially affect all users, and uncoordinated changes can result in security vulnerabilities, many organizations create a(n) ____ to oversee the changes.
    • A. 

      Change management team

    • B. 

      Incident response team

    • C. 

      Security control team

    • D. 

      Compliance team

  • 8. 
     may be defined as the components required to identify, analyze, and contain that incident.
    • A. 

      Vulnerability response

    • B. 

      Incident response

    • C. 

      Risk response

    • D. 

      Threat response

  • 9. 
    Is the planning, coordination, communications, and planning functions that are needed in order to resolve an incident in an efficient manner.
    • A. 

      Incident reporting

    • B. 

      Incident management

    • C. 

      Incident planning

    • D. 

      Incident handling

  • 10. 
    Can be defined as the “framework” and functions required to enable incident response and incident handling within an organization.
    • A. 

      Incident reporting

    • B. 

      Incident management

    • C. 

      Incident handling

    • D. 

      Incident planning

  • 11. 
    A ____ is a written document that states how an organization plans to protect the company’s information technology assets.
    • A. 

      Security policy

    • B. 

      Guideline

    • C. 

      Security procedure

    • D. 

      Standard

  • 12. 
    A ____ is a collection of suggestions that should be implemented.
    • A. 

      Security policy

    • B. 

      Baseline

    • C. 

      Guideline

    • D. 

      Security procedure

  • 13. 
    A ____ is a document that outlines specific requirements or rules that must be met.
    • A. 

      Procedure

    • B. 

      Standard

    • C. 

      Guideline

    • D. 

      Policy

  • 14. 
    Are generally considered to be the most important information security policies.
    • A. 

      Acceptable use policies

    • B. 

      Encryption policies

    • C. 

      Data loss policies

    • D. 

      VPN policies

  • 15. 
    A(n) ____ policy outlines how the organization uses personal information it collects.
    • A. 

      VPN

    • B. 

      Network

    • C. 

      Encryption

    • D. 

      Privacy

  • 16. 
    A policy that addresses security as it relates to human resources is known as a(n) ____ policy.
    • A. 

      VPN

    • B. 

      Acceptable use

    • C. 

      Security-related human resource

    • D. 

      Technical

  • 17. 
    Are a person’s fundamental beliefs and principles used to define what is good, right, and just.
    • A. 

      Morals

    • B. 

      Values

    • C. 

      Ethics

    • D. 

      Standards

  • 18. 
     are values that are attributed to a system of beliefs that help the individual distinguish right from wrong.
    • A. 

      Morals

    • B. 

      Ethics

    • C. 

      Standards

    • D. 

      Morays

  • 19. 
    Can be defined as the study of what a group of people understand to be good and right behavior and how people make those judgments.
    • A. 

      Values

    • B. 

      Morals

    • C. 

      Ethics

    • D. 

      Standards

  • 20. 
    A(n) ____ policy is designed to produce a standardized framework for classifying information assets.
    • A. 

      VPN

    • B. 

      Acceptable use

    • C. 

      Privacy

    • D. 

      Classification of information

  • 21. 
    Networks are typically used for connecting devices on an ad hoc basis for file sharing of audio, video, and data, or real-time data transmission such as telephony traffic.
    • A. 

      Peer

    • B. 

      Client-server

    • C. 

      P2P

    • D. 

      Share

  • 22. 
    The Web sites that facilitate linking individuals with common interests like hobbies, religion, politics, or school contacts are called ____ sites.
    • A. 

      Social networking

    • B. 

      Social engineering

    • C. 

      Social management

    • D. 

      Social control

  • 23. 
    A(n) ____ approach is the art of helping an adult learn.
    • A. 

      Andragogical

    • B. 

      Pedagogical

    • C. 

      Deontological

    • D. 

      Metagogical

  • 24. 
     learners learn through taking notes, being at the front of the class, and watching presentations.
    • A. 

      Kinesthetic

    • B. 

      Auditory

    • C. 

      Spatial

    • D. 

      Visual

  • 25. 
    Learners tend to sit in the middle of the class and learn best through lectures and discussions.
    • A. 

      Visual

    • B. 

      Auditory

    • C. 

      Kinesthetic

    • D. 

      Spatial

Back to Top Back to top