This quiz will help us better understand your experience and knowledge. Thank you for your participation.
Obtain copies of mandatory regulations.
Gain management approval.
Seek acceptance from other departments.
Ensure policy is compliant with current working practices.
Definition of management expectations.
Responsibilities of individuals and groups for protected information.
Statement of senior executive support.
Definition of legal and regulatory controls.
IS security specialists
Senior Management
Senior security analysts
System auditors
Two-factor authentication
SSO
Three-factor authentication
Single-factor authentication
Vendors' reliability figures
Regularly scheduled maintenance log
A system downtime log
A written preventive maintenance schedule
Policies that result in instant dismissal if violated
The use of diskless workstations
The use of current antivirus software
Periodic checking of hard drives
The internal audit team should stop sharing the scripts so that IT management must develop its own scripts.
Since continuous monitoring and continuous auditing are similar functions, IT management should assign the continuous monitoring tasks to the internal audit department.
IT management should continue to use the scripts for continuous monitoring purposes with the understanding that it is responsible for testing and maintaining the scripts that it uses.
The internal audit team should review the areas where these scripts are being used and reduce the audit scope and frequency for these areas.
The network servers are clustered in a site
The setup is geographically dispersed
The use of current antivirus software
Policies that result in instant dismissal if violated
Transaction journal
Automated suspense file listing
User error report
Console log printout
Scope creep
Signoff delays
Software integrity violations
Inadequate controls
Audit trail of the versioning of the work papers
Approval of the audit phases
Access rights to the work papers
Confidentiality of the work papers
Comply with regulatory requirements
Provide a basis for drawing reasonable conclusions
Ensure complete audit coverage
Perform the audit according to the defined scope
Second set of eyes, which are external from the subject under review
Independent assurance that the claims of management are correct
Assistance by fixing problems found during the audit
Adapting standards to fit the needs of the client
Identifies major functional areas of information.
Quantifies the effect of the loss of the information.
Requires the identification of information owners.
Lists applications that support the business function.
Security policy
Enforcement guidelines
Acceptable use policy
Program manual
What is to be done.
When it is to be done.
Who is to do it.
Why it is to be done.
Product
Protocols
Ever evolving
Quick-fix solution
DMZ (Demilitarized Zone)
A honey pot
A firewall
A new subnet
STP
UTP
Coaxial
Fiber-optic
Private Key
Public Key
Password
Kerberos Key
Piggybacking
Masquerading
Man-in-the-middle attack
Social Engineering
25
110
143
389
Logic Bomb
Worm
Trojan Horse
Virus
SSO
Two-factor authentication
Single-factor authentication
Three-factor authentication
A hash is a unique number that is generated based upon the TCP/IP transmission header and should be verified before download.
A hash is a unique number that is generated based upon the file's contents and used as the SSL key during download.
A hash is a unique number that is generated after the file has been encrypted and used as the SSL key during download.
A hash is a unique number that is generated based upon the file's contents and should be verified after download.
Internet content filter
Proxy server
NIDS
Firewall
Account expiration
Time of day restriction
Account lockout
Domain password policy
ACL
Domain password policy
Logical tokens
Time of day restrictions
The PKI CA is relocated.
The backup generator activates.
The single point of failure is remedied.
Full electrical service is restored.
Inbound HTTP traffic
Outbound HTTP traffic
Inbound HTTPS traffic
Outbound HTTPS traffic
File transfers via FTP
Newsgroup access
Internet browsing
E-mail delivery
A router
A firewall
A switch
A gateway
Ports on a network switch
MAC addresses of the hosts
Network protocol used by the hosts
Fully qualified domain name (FQDN) of the hosts
Disk duplexing
Disk mirroring
Disk striping
Disk imaging
Point-to-point protocol
Channel bank
Rule base
Number portability
Implement Wired Equivalent Privacy (WEP).
Permit access to only authorized Media Access Control (MAC) addresses.
Disable open broadcast of service set identifiers (SSID).
Implement Wi-Fi Protected Access (WPA) 2.
Invoices recorded on the POS system are manually entered into an accounting application.
An optical scanner is not used to read bar codes for the generation of sales invoices.
Frequent power outages occur, resulting in the manual preparation of invoices.
Customer credit card information is stored encrypted on the local POS system.
The confidentiality of the report
Finding all possible weaknesses on the system
Restoring all systems to the original state
Logging all changes made to the production system
Secure Socket Layer (SSL) encryption
Two-factor authentication
Encrypted session cookies
IP address verification
Phishing
Buffer overflow exploitation
SYN flood
Brute force attacks
The source routing field is enabled
It has a broadcast address in the destination field
A reset flag (RST) is turned on for the TCP connection
Dynamic routing is used instead of static routing
Digitally signing all e-mail messages
Encrypting all e-mail messages
Compressing all e-mail messages
Password protecting all e-mail messages
Mimic
Brute force
Cryptographic
Replay
Firewall and the organization's network
Internet and the firewall
Internet and the web server
Web server and the firewall
Alert the appropriate staff
Create an entry in the log
Close firewall-2
Close firewall-1
Quiz Review Timeline (Updated): Mar 21, 2023