Description

SEC 340 Week 2 Quiz 1 (10 Questions and Answers)

1. (TCOs 1, 2, 4) Which of the following is not a critical element of the CIA triangle?
2. (TCOs 1, 2, 4) Which of the following is not a basic component of risk management?
3. (TCOs 1, 2, 4) Which of the following is not one of the four basic risk control strategies?
4. TCOs 1, 2, 4) Who is responsible for obtaining senior management commitment and support at the outset of the planning process?
5. (TCOs 1, 2, 4) Threats are converted to attacks and then used to create attack ______.
6. (TCOs 1, 2, 4) The analysis of business _____ focuses on identifying which are the main revenue-producing operations.
7. (TCOs 3, 5) Which of the following is not a possible IR team structure model?
8. (TCOs 3, 5) The responsibility for creating an organization’s IR plan rests with the _____.
9. (TCOs 3, 5) Which type of plan testing involves individuals who act as if an incident has occurred, but do so without interfering with normal operations?
10. (TCOs 3, 5) An IDS that monitors traffic on a network segment is called a(n) _____.

SEC 340 Week 2 Quiz 2 (10 Questions and Answers)

1. (TCOs 3, 5) The _____ should be the first deliverable undertaken by the IR planning committee
2. (TCOs 3, 5) Which of the following starts with admitting there is a problem?
3. (TCOs 3, 5) _____ reflect upon the relative security of an information system.
4. (TCOs 3, 5) Which of the following describes confidentiality?
5. (TCOs 3, 5) There is nothing that _____ can do to improve the bottom line.
6. (TCO 1) The CNSS model of _____ evolved from a concept known as the CIA triangle.
7. (TCO 1) A threat is a category of all of the following except for what?
8. (TCOs 2, 4) The _____ takes up where the risk assessment process leaves off.
9. (TCO 5) Which of the following is a non-event that is categorized as an actual incident?
10. (TCO 5) False positives or noise often result from which of the following causes in an incident collection candidate?