Online Quiz 2 - Keamanan SiSTEM Informasi

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Asambul
A
Asambul
Community Contributor
Quizzes Created: 3 | Total Attempts: 3,955
| Attempts: 1,499
Quiz Flashcard
SettingsSettings
Please wait...
  • 1/37 Pertanyaan

    Berikut ini adalah alasan-alasan yg tepat untuk melakukan system monitoring secara berkala, kecuali:

    • Ditemukannya security hole yg baru
    • Terjadinya kesalahan konfigurasi
    • Penambahan software atau hardware baru
    • Kebutuhan baru pada sistem informasi
Please wait...
Online Quiz 2 - Keamanan Sistem Informasi - Quiz

Quiz Preview

  • 2. 

    Sesi komunikasi di layer transport protokol TCP/IP selalu diawali dengan sebuah mekanisme yg disebut Three Way Handshake. Mekanisme ini dapat diekploitasi sebagai sebuah lubang keamanan dengan teknik Session Spoofing & Hijacking. Lubang keamanan ini termasuk kategori …

    • Salah desain (design flaw)

    • Salah implementasi

    • Salah konfigurasi

    • Salah penggunaan

    Correct Answer
    A. Salah desain (design flaw)
    Explanation
    The correct answer is "Salah desain (design flaw)". This is because the question is discussing a security vulnerability in the Three Way Handshake mechanism in the transport layer of the TCP/IP protocol. The fact that this mechanism can be exploited for Session Spoofing & Hijacking indicates a flaw in the design of the protocol, rather than an issue with implementation, configuration, or usage.

    Rate this question:

  • 3. 

    Pada tahun 1995, Thomas Lopatic menemukan sebuah lubang keamanan dalam sebuah program standar sistem operasi Unix bernama “Finger” yang dapat dieksploitasi dengan teknik buffer overflow. Lubang keamanan seperti ini masuk kategori …

    • Salah desain (design flaw)

    • Salah implementasi

    • Salah konfigurasi

    • Salah penggunaan

    Correct Answer
    A. Salah implementasi
    Explanation
    The correct answer is "Salah implementasi" (Implementation error). This is because Thomas Lopatic discovered a security hole in the Unix operating system's "Finger" program, which could be exploited using buffer overflow technique. This indicates that there was an error or flaw in the way the program was implemented, leading to the security vulnerability.

    Rate this question:

  • 4. 

    Untuk menghindari eksploitasi lubang keamanan dengan teknik Buffer Overflow, programmer harus melakukan ….

    • Corrupt array checking

    • Insufficient bound checking

    • String concatenation checking

    • Source code debugging

    Correct Answer
    A. Insufficient bound checking
    Explanation
    Insufficient bound checking refers to the practice of not properly validating the size or length of input data before storing it in a buffer. This can lead to buffer overflow vulnerabilities, where an attacker can overwrite adjacent memory locations and potentially execute malicious code. To avoid this, programmers need to ensure that they validate and limit the size of input data to prevent buffer overflows and potential exploitation.

    Rate this question:

  • 5. 

    Adi secara tidak sengaja mengatur shared folder pribadinya dengan hak akses writeable bagi user publik, sehingga bisa diekploitasi misalnya dengan memasukkan file bervirus ke dalam folder tersebut. Lubang keamanan seperti ini masuk kategori …

    • Salah desain (design flaw)

    • Salah implementasi

    • Salah konfigurasi

    • Salah penggunaan

    Correct Answer
    A. Salah konfigurasi
    Explanation
    Adi accidentally configured his shared folder with writeable access for public users, allowing them to exploit it by inserting virus-infected files into the folder. This security vulnerability falls under the category of "Salah konfigurasi" or "misconfiguration."

    Rate this question:

  • 6. 

    Account root memiliki permission level yang paling tinggi dalam sistem operasi UNIX. Salah menggunakan perintah dengan menggunakan permission level ini sangat berbahaya dan dapat merusak sistem dalam sekejab. Lubang keamanan seperti ini masuk kategori …

    • Salah desain (design flaw)

    • Salah implementasi

    • Salah konfigurasi

    • Salah penggunaan

    Correct Answer
    A. Salah penggunaan
    Explanation
    The given question is asking for the category that the security vulnerability falls into when someone misuses the root account's permission level in the UNIX operating system. The correct answer is "Salah penggunaan" which translates to "Misuse" in English. This means that the vulnerability is caused by the incorrect or dangerous use of the root account, which can potentially damage the system.

    Rate this question:

  • 7. 

    Kesenjangan antara kondisi level keamanan aktual dengan level keamanan yang diinginkan (ideal) disebut ….

    • Security problem

    • Security gap

    • Security assessment

    • Security flaw

    Correct Answer
    A. Security gap
    Explanation
    The term "security gap" refers to the difference or distance between the actual level of security and the desired or ideal level of security. It suggests that there is a disparity or deficiency in the current security measures that need to be addressed in order to achieve the desired level of security. This term is commonly used in the context of evaluating and improving security systems and protocols.

    Rate this question:

  • 8. 

    Tujuan dari evaluasi keamanan adalah … antara level keamanan saat ini dan level keamanan yg diinginkan.

    • Mengidentifikasi security gap

    • Memperkecil security gap

    • Menjaga agar tetap pada level yg sesuai, security gap

    • Memperbaiki security gap

    Correct Answer
    A. Mengidentifikasi security gap
    Explanation
    The correct answer is "Mengidentifikasi security gap." The purpose of security evaluation is to identify any gaps or vulnerabilities in the current security level and compare it with the desired security level. This helps in identifying any weaknesses or areas that need improvement in order to enhance the overall security measures.

    Rate this question:

  • 9. 

    Menjaga agar security gap berada pada tingkatan yg adequate (memadai, sesuai) adalah tugas dari ....

    • Security assessment

    • Security policy

    • Security mechanism

    • Security audit

    Correct Answer
    A. Security mechanism
    Explanation
    A security mechanism refers to the various tools, techniques, and protocols implemented to protect an organization's systems and data from potential threats. It is responsible for safeguarding against security gaps or vulnerabilities by providing controls and countermeasures. While security assessments, policies, and audits play important roles in maintaining security, it is the security mechanism that actively defends against potential breaches and ensures that the security gap remains at an adequate level.

    Rate this question:

  • 10. 

    "Whois” adalah salah satu alat VA yang termasuk dalam tahapan ….

    • Information gathering and discovery

    • Enumeration

    • Detection

    • Recovery

    Correct Answer
    A. Information gathering and discovery
    Explanation
    "Whois" is a tool used for gathering information about domain names, IP addresses, and other related information. It helps in discovering the ownership and contact details of a particular website or IP address. Therefore, it falls under the category of information gathering and discovery, as it assists in obtaining relevant data during the initial stages of a cybersecurity assessment or investigation.

    Rate this question:

  • 11. 

    Dengan sebuah software tertentu, Jeffrey melakukan remote scanning terhadap komputer Gina dan memperoleh informasi tentang sistem operasi yg digunakan di dalam komputer tersebut. Software seperti ini adalah salah satu alat VA yang termasuk dalam tahapan ….

    • Information gathering and discovery

    • Enumeration

    • Detection

    • Recovery

    Correct Answer
    A. Enumeration
    Explanation
    The given correct answer is "Enumeration." In this scenario, Jeffrey is using a specific software to remotely scan Gina's computer and gather information about the operating system being used. Enumeration is the process of actively gathering information about a target system, such as open ports, services running, and system configurations. It is an important step in vulnerability assessment (VA) as it helps identify potential vulnerabilities and weaknesses in the system.

    Rate this question:

  • 12. 

    Dengan sebuah software khusus bernama “Retina”, dapat diketahui apakah suatu sistem atau aplikasi rawan terhadap serangan atau tidak. Software seperti ini adalah salah satu alat VA yang termasuk dalam tahapan ….

    • Information gathering and discovery

    • Enumeration

    • Detection

    • Recovery

    Correct Answer
    A. Detection
    Explanation
    The given correct answer for this question is "Detection". This is because the "Retina" software mentioned in the question is specifically designed to determine whether a system or application is vulnerable to attacks or not. This process of identifying vulnerabilities and potential threats is a part of the detection phase in the vulnerability assessment (VA) process.

    Rate this question:

  • 13. 

    Contoh Information System Audit yang masuk kategori automated audit adalah ….

    • Survey (kuisioner, interview dll)

    • Vulnerability scan

    • System log

    • Whois service

    Correct Answer
    A. System log
    Explanation
    System log is categorized as an automated audit in the context of Information System Audit. This is because system logs are automatically generated by computer systems to record events and activities. These logs provide valuable information about the functioning of the system, including user activities, errors, security incidents, and more. Automated tools can analyze these logs to identify any anomalies or potential issues, making it an effective method for auditing and monitoring the system's performance and security.

    Rate this question:

  • 14. 

    Leo dan kawan-kawannya membuka sebuah biro jasa pengelolaan keamanan sistem informasi dengan target klien perusahaan dan/atau instansi pemerintah. Bentuk usaha seperti ini disebut ….

    • Security system auditor (SSA)

    • Security system mintor (SSM)

    • Managed Service Provider (MSP)

    • Security Service Provider (SSP)

    Correct Answer
    A. Managed Service Provider (MSP)
    Explanation
    Leo dan kawan-kawannya membuka sebuah biro jasa pengelolaan keamanan sistem informasi dengan target klien perusahaan dan/atau instansi pemerintah. Bentuk usaha seperti ini disebut Managed Service Provider (MSP). MSP adalah penyedia jasa yang mengelola dan menyediakan layanan IT kepada klien mereka. Mereka bertanggung jawab atas pengelolaan, pemantauan, dan pemeliharaan sistem keamanan informasi klien mereka. Dalam konteks ini, Leo dan kawan-kawannya menyediakan layanan pengelolaan keamanan sistem informasi kepada perusahaan dan instansi pemerintah, sehingga menjadikan mereka sebagai Managed Service Provider (MSP).

    Rate this question:

  • 15. 

    Ancaman keamanan tertentu yg sudah dikenali/teridentifikasi disebut ….

    • Hazard

    • Threat

    • Vulnerability

    • Security hole

    Correct Answer
    A. Hazard
    Explanation
    The correct answer is "Hazard." A hazard refers to a potential source of harm or danger that has been recognized or identified. It can include various threats to security, such as natural disasters, accidents, or intentional acts of violence. Hazards are typically assessed and managed to minimize the risks they pose to individuals, communities, or organizations.

    Rate this question:

  • 16. 

    Jack menelepon perusahaan XYZ dan berpura-pura menjadi karyawan kantor pusat untuk mendapatkan informasi account di server perusahaan tersebut. Tindakan ini masuk dalam kategori ….

    • Network spoofing

    • Server hacking

    • Web defacing

    • Social engineering

    Correct Answer
    A. Social engineering
    Explanation
    Jack's action of pretending to be an employee of the XYZ company's headquarters in order to gain access to account information on their server falls under the category of social engineering. Social engineering refers to the manipulation of individuals to deceive them into revealing confidential information or granting unauthorized access to systems. In this case, Jack is using deception and impersonation to manipulate the company's employees and gain access to sensitive information.

    Rate this question:

  • 17. 

    Bill mengaduk-aduk tempat sampah di halaman belakang kantor perusahaan XYZ untuk mendapatkan informasi berharga tentang network perusahaan tersebut. Tindakan ini disebut ….

    • Trash finding

    • Information seeking

    • Dumster diving

    • Trash diving

    Correct Answer
    A. Dumster diving
    Explanation
    Dumster diving is the correct answer because it refers to the act of searching through trash or garbage in order to find valuable or useful information. In the given scenario, Bill is rummaging through the trash in the backyard of XYZ company's office to gather valuable information about their network.

    Rate this question:

  • 18. 

    Suatu pagi, Phillip mendapatkan email berisi tawaran asuransi dengan premi rendah dari sebuah perusahaan asuransi terkenal. Tertarik dengan tawaran tsb, Phillip melakukan pendaftaran termasuk dgn memasukkan informasi kartu kreditnya. Seminggu kemudian, ia menyadari telah tertipu setelah mengetahui bahwa perusahaan tsb tidak pernah memiliki tawaran seperti itu. Serangan yang dialami oleh Phillip adalah ….

    • Email hacking

    • Email phraking

    • Email spoofing

    • Email phishing

    Correct Answer
    A. Email phishing
    Explanation
    Phillip fell victim to email phishing, which is a fraudulent attempt to obtain sensitive information such as credit card details by disguising as a trustworthy entity in an electronic communication. In this case, the email offering low insurance premiums was a scam, and Phillip unknowingly provided his credit card information to the scammers. This type of attack is common and can lead to identity theft or financial loss for the victims.

    Rate this question:

  • 19. 

    Berikut ini adalah cara untuk meminimalkan peluang terjadinya serangan Social Engineering, kecuali ….

    • Menetapkan security policy yang jelas dan komprehensif

    • Membuat user menyadari potensi terjadinya serangan social engineering

    • Memperketat security mechanism yang digunakan

    • Mengaudit security policy secara berkala.

    Correct Answer
    A. Memperketat security mechanism yang digunakan
    Explanation
    Memperketat security mechanism yang digunakan adalah salah satu cara untuk meminimalkan peluang terjadinya serangan Social Engineering. Dengan meningkatkan keamanan pada mekanisme yang digunakan, seperti mengaktifkan fitur otentikasi dua faktor, enkripsi data, dan firewall yang kuat, dapat membuat serangan social engineering menjadi lebih sulit dilakukan oleh pihak yang tidak berwenang. Dengan demikian, menjaga keamanan pada security mechanism yang digunakan dapat membantu mengurangi risiko serangan social engineering.

    Rate this question:

  • 20. 

    Satu-satunya anggota keluarga protokol 802.11 yang tidak menggunakan teknik modulasi OFDM adalah ….

    • Protokol 802.11a

    • Protokol 802.11b

    • Protokol 802.11g

    • Protokol 802.11n

    Correct Answer
    A. Protokol 802.11b
    Explanation
    Protokol 802.11b is the correct answer because it is the only protocol among the options that does not use OFDM (Orthogonal Frequency Division Multiplexing) modulation technique. OFDM is a modulation technique used in wireless communication to increase data transfer rates and improve signal quality. Protocols 802.11a, 802.11g, and 802.11n all use OFDM, but 802.11b uses a different modulation technique called Direct Sequence Spread Spectrum (DSSS).

    Rate this question:

  • 21. 

    Komponen jaringan nirkabel yang tidak dispesifikasikan dalam protokol 802.11 namun memiliki tugas penting yakni menghubungkan sebuah jaringan nirkabel dengan jaringan yang lainnya, adalah....

    • Station

    • Wireless medium

    • Access point

    • Distribution system

    Correct Answer
    A. Distribution system
    Explanation
    The distribution system is a component of a wireless network that is not specified in the 802.11 protocol but has an important task of connecting a wireless network to other networks. It serves as a bridge between the wireless network and other networks, allowing for communication and data transfer between them. This component is essential for expanding the reach and connectivity of a wireless network beyond its local area.

    Rate this question:

  • 22. 

    Perangkat jaringan nirkabel yang dapat digunakan untuk menghubungkan sebuah jaringan nirkabel dengan jaringan kabel adalah ….

    • Station

    • Wireless medium

    • Access point

    • Distribution system

    Correct Answer
    A. Access point
    Explanation
    An access point is a wireless networking device that allows wireless devices to connect to a wired network. It acts as a bridge between the wireless network and the wired network, enabling communication between the two. Therefore, an access point is the correct answer as it can be used to connect a wireless network to a wired network.

    Rate this question:

  • 23. 

    Sebuah message berisi nama jaringan nirkabel tertentu secara reguler di-broadcast oleh Access Point untuk membantu station mengetahui keberadaan jaringan nirkabel tersebut. Message ini disebut ….

    • SSID broadcasting

    • MAC request broadcasting

    • DNS broadcasting

    • NETBIOS broadcasting

    Correct Answer
    A. SSID broadcasting
    Explanation
    SSID broadcasting refers to the process in which an Access Point regularly broadcasts a message containing the name of a specific wireless network. This helps stations to identify the presence of the wireless network.

    Rate this question:

  • 24. 

    Mengira terhubung dengan Access Point milik fakultasnya, Dick mencoba mengakses server dengan memberikan informasi loginnya di jaringan yang salah. Tindakan ini masuk kategori ….

    • Accidental association

    • Malicious association

    • Identity Theft

    • Man-in-the-middle attacks

    Correct Answer
    A. Accidental association
    Explanation
    Dick's action of trying to access the server by providing his login information on the wrong network is categorized as accidental association. Accidental association refers to the unintentional connection to an unauthorized network or device, thinking it is a legitimate access point. In this case, Dick mistakenly believed that he was connecting to the Access Point of his faculty, but he was actually connecting to a different network. This mistake can lead to potential security risks and unauthorized access to personal information.

    Rate this question:

  • 25. 

    Alex secara sengaja meletakkan sebuah Access Point lain dalam sebuah jaringan nirkabel yang sudah ada dengan tujuan melakukan sniffing password. Tindakan ini masuk kategori ….

    • Accidental association

    • Malicious association

    • Identity Theft

    • Man-in-the-middle attacks

    Correct Answer
    A. Malicious association
    Explanation
    The correct answer is Malicious association. This is because Alex intentionally placed another Access Point in an existing wireless network with the purpose of sniffing passwords. This action is considered malicious as it involves unauthorized access and potential harm to the network and its users.

    Rate this question:

  • 26. 

    Ben memasang sebuah dummy-AP sebagai perantara yang menghubungkan station2 dalam jaringan nirkabel kampusnya dengan AP yang asli. Tindakan ini masuk kategori ….

    • Accidental association

    • Malicious association

    • Identity Theft

    • Man-in-the-middle attacks

    Correct Answer
    A. Man-in-the-middle attacks
    Explanation
    The action of installing a dummy-AP as an intermediary to connect stations in a wireless campus network with the original AP falls under the category of Man-in-the-middle attacks. In this scenario, the attacker is intercepting and potentially altering the communication between the stations and the genuine AP, allowing them to eavesdrop on sensitive information or manipulate the data being transmitted.

    Rate this question:

  • 27. 

    Ben memaksa Access Point jaringan kampusnya untuk melakukan reassociation dengan cara mengirimkan paket-paket sampah dalam jumlah besar. Tindakan ini masuk kategori ….

    • Network Injection

    • Denial of Service

    • Identity Theft

    • Man-in-the-middle attacks

    Correct Answer
    A. Denial of Service
    Explanation
    The action of Ben forcing the campus network's Access Point to reassociate by sending a large number of garbage packets falls under the category of Denial of Service. Denial of Service attacks aim to disrupt or disable a network or system by overwhelming it with a flood of malicious or useless traffic, rendering it inaccessible or unusable for legitimate users. In this case, Ben's actions are intentionally causing a disruption to the network's normal functioning by flooding it with garbage packets.

    Rate this question:

  • 28. 

    Untuk meminimalkan ancaman keamanan, Marry ingin agar nama jaringan nirkabel yang dikelolanya tidak terdeteksi oleh station2 anggota jaringan tersebut. Teknik yang dapat digunakan untuk keperluan ini adalah ….

    • MAC ID Filtering

    • Static IP Addressing

    • Stop SSID Broadcasting

    • Using WEP

    Correct Answer
    A. Stop SSID Broadcasting
    Explanation
    Stop SSID Broadcasting is a technique that can be used to minimize security threats by preventing the wireless network name from being detected by other devices. By disabling SSID broadcasting, the network becomes "hidden" and only devices that already know the network name can connect to it. This adds an extra layer of security as it makes it more difficult for unauthorized users to discover and attempt to access the network.

    Rate this question:

  • 29. 

    John ingin agar sesi komunikasi yang terjadi antar station dalam jaringan nirkabel yang dikelolanya tidak mudah di-spoofing oleh hacker. Teknik yang dapat digunakan untuk keperluan ini adalah ….

    • MAC ID Filtering

    • Static IP Addressing

    • Stop SSID Broadcasting

    • Using WEP

    Correct Answer
    A. Using WEP
    Explanation
    WEP (Wired Equivalent Privacy) is a technique that can be used to prevent easy spoofing of communication sessions between stations in a wireless network. WEP provides a level of encryption to the data being transmitted, making it difficult for hackers to intercept and manipulate the communication. By using WEP, John can ensure that the data transmitted within his wireless network is secure and not easily spoofed by hackers.

    Rate this question:

  • 30. 

    Jenni ingin agar signal AP jaringan nirkabel yang dikelolanya tidak bisa digunakan di luar gedung kantornya. Teknik yang dapat digunakan untuk keperluan ini adalah ….

    • MAC ID Filtering

    • Hide SSID broadcast message

    • USB token

    • RF Shielding

    Correct Answer
    A. RF Shielding
    Explanation
    RF Shielding is a technique that can be used to prevent wireless signals from being used outside of the office building. It involves creating a physical barrier or shield around the area to block the signals from escaping. This can be done using materials that are designed to absorb or reflect the radio waves, effectively preventing them from reaching beyond the designated area. By implementing RF shielding, Jenni can ensure that the wireless signals managed by her cannot be accessed or utilized outside of her office building.

    Rate this question:

  • 31. 

    Dalam model OSI, enkripsi WEP bekerja pada layer ….

    • Physical

    • Data link

    • Network

    • Transport

    Correct Answer
    A. Data link
    Explanation
    The correct answer is "Data link." In the OSI model, the data link layer is responsible for the reliable transfer of data between two nodes on a network. It provides error detection and correction, as well as flow control. WEP (Wired Equivalent Privacy) is a security protocol that operates at the data link layer, providing encryption and authentication for wireless networks. Therefore, WEP works at the data link layer in the OSI model.

    Rate this question:

  • 32. 

    Dalam proses enkripsi WEP, operasi logika yang diterapkan antara bit stream keluaran RC4 dengan plaintext adalah ….

    • NOT

    • AND

    • OR

    • XOR

    Correct Answer
    A. XOR
    Explanation
    In the process of WEP encryption, the logical operation applied between the output bit stream of RC4 and the plaintext is XOR. XOR (exclusive OR) operation combines the bits from both inputs and produces an output where each bit is set if the corresponding bits in the inputs are different. This operation is commonly used in encryption algorithms to ensure that the encrypted data is secure and can only be decrypted using the correct key.

    Rate this question:

  • 33. 

    Salah satu kelemahan teknik enkripsi WEP yang bisa dieksploitasi di level sistem operasi adalah karena ia dirancang untuk bekerja di layer datalink dan bukan di layer ….

    • Physical

    • Application

    • Transport

    • Network

    Correct Answer
    A. Application
    Explanation
    The weakness of the WEP encryption technique can be exploited at the application layer of the operating system. This means that the encryption is not designed to work effectively at the application layer, making it vulnerable to attacks.

    Rate this question:

  • 34. 

    Salah satu kelemahan teknik enkripsi WEP dalam hal password adalah ….

    • Menggunakan public-key

    • Menggunakan shared-key

    • Menggunakan private-key

    • Menggunakan secret-key

    Correct Answer
    A. Menggunakan shared-key
    Explanation
    The weakness of WEP encryption technique in terms of password lies in using a shared-key. This means that the same key is shared among multiple users or devices, making it easier for an attacker to intercept and guess the password. This lack of uniqueness and randomness in the shared-key makes it vulnerable to brute-force attacks and increases the likelihood of unauthorized access to the encrypted data.

    Rate this question:

  • 35. 

    Dari ke-4 pendekatan untuk melakukan Security Assessment, pendekatan yang melibatkan cost analysis adalah ….

    • Vulnerability Assessment

    • Information System Audit

    • Security Risk Evaluation

    • Manage Service Provider

    Correct Answer
    A. Security Risk Evaluation
    Explanation
    The correct answer is Security Risk Evaluation. This approach involves analyzing the potential risks and vulnerabilities in a system or organization's security measures. It includes assessing the likelihood and impact of security threats, as well as evaluating the cost of implementing security measures to mitigate these risks. By conducting a security risk evaluation, organizations can make informed decisions about allocating resources and implementing appropriate security measures to protect their assets and data.

    Rate this question:

  • 36. 

    Dari ke-4 pendekatan untuk melakukan Security Assessment, pendekatan sifatnya menyeluruh termasuk mengevaluasi strength dan weakness dari sistem keamanan yang digunakan, adalah ….

    • Vulnerability Assessment

    • Information System Audit

    • Security Risk Evaluation

    • Manage Service Provider

    Correct Answer
    A. Security Risk Evaluation
    Explanation
    The correct answer is Security Risk Evaluation. This approach involves conducting a comprehensive assessment of the security system used, including evaluating its strengths and weaknesses. It focuses on identifying and analyzing potential risks and threats to the system's security. By conducting a security risk evaluation, organizations can gain insights into their overall security posture and make informed decisions to mitigate risks and enhance their security measures.

    Rate this question:

  • 37. 

    Dari ke-4 pendekatan untuk melakukan Security Assessment, pendekatan dimana sebagian besar pekerjaan dilimpahkan ke pihak eksternal adalah ….

    • Vulnerability Assessment

    • Information System Audit

    • Security Risk Evaluation

    • Manage Service Provider

    Correct Answer
    A. Manage Service Provider
    Explanation
    The correct answer is "Manage Service Provider". In this approach, most of the work is outsourced to external parties to manage the service provider. This means that the organization relies on external experts to assess and manage the security of their service provider. This approach allows the organization to leverage the expertise and resources of the service provider to ensure the security of their systems and data.

    Rate this question:

Quiz Review Timeline (Updated): Mar 21, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Jun 14, 2009
    Quiz Created by
    Asambul

Recent Quizzes

Sekolah Global Mandiri - Wilayah Negara Kesatuan Republik Indonesia Sekolah Global Mandiri - Wilayah Negara Kesatuan Republik Indonesia
Yusra Series Unani Mcqs. Yusra Series Unani Mcqs.
Seleksi Penerimaan Mahasiswa Baru Poltekkes Hermina Tahun 2020 Seleksi Penerimaan Mahasiswa Baru Poltekkes Hermina Tahun 2020
Seleksi Masuk POLTEKKES HERMINA JAKARTA TA 2020/2021 Seleksi Masuk POLTEKKES HERMINA JAKARTA TA 2020/2021
PRE TEST : MIP - Mandiri Golden Offshore Fund PRE TEST : MIP - Mandiri Golden Offshore Fund
Sejauh mana kamu kenal SMB/SSMB? Yakin sudah kenal banget? Sejauh mana kamu kenal SMB/SSMB? Yakin sudah kenal banget?

Featured Quizzes

Introduction to Computer: MCQ Questions With Answers Introduction to Computer: MCQ Questions With Answers
Are You Smarter Than A 5th Grader? MCQ Quiz Questions Are You Smarter Than A 5th Grader? MCQ Quiz Questions
Past Life Quiz: Who Was I In My Past Life? Past Life Quiz: Who Was I In My Past Life?
Literary Devices Quiz For Students Literary Devices Quiz For Students
Best Friend Quiz: Are You Really Best Friends? Best Friend Quiz: Are You Really Best Friends?
Extremely Hard Harry Potter Quiz Extremely Hard Harry Potter Quiz
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.