CSIS 340 Final Exam 1 with Answers
- The _____ domain connects an organizations private network to the Internet?
- To promote cultural change, the goal should be to make security policies _____?
- Without _____ sponsorship, users will be less likely to eagerly participate in awareness training.
- What needs do organizations have to classify data?
- The Security Compliance Committee _____?
- Web Services policies would be an example of _____ domain.
- Which of the following includes guidelines under the LAN domain policies?
- Which of the following is a common cause of security breaches?
What is a strong indicator that awareness training is not effective?
- Baseline standards for the LAN domain would include _____.
- Which of the following is not an organizational challenge when implementing security policies?
- The ______________ model was the first model developed to address the concerns of integrity. Originally published in 1977
- _____ occurs when you manipulate or trick a person into weakening the security of an organization?
- Data in transit refers to what type of data?
- Simple security policy awareness requires that _____ report suspicious activity?
- A business impact analysis requires an impact report, component reliance, and a _____.
- _____ techniques can provide a security baseline for full operating systems and applications?
- A _____ standard describes the requirements for obtaining a domain name for use by external parties?
- A(n) _____ has an easier time bypassing security controls and hiding his or her tracks by deleting or altering logs and time stamps.
- _____ typically have the technical skills to make critical recommendation on how to stop an attack.
Why should a security policy implementation be flexible to allow for updates?
- Two-factor authentication is a typical control used by employees to remotely access which of the following?
- Another thing is necessary to retain data for what major reasons?
- A _____ is the first step in building a business continuity plan (BCP) to minimize losses.
- Security policy enforcement can include _____?
- _____ protects data at rest from all type of breaches.
- Once security policies are established, line management must _____ ?
- Outdated application controls place a greater reliance on _____?
- The following documents help capture domain security control requirements?
- The ________________ model uses mandatory access control to enforce the DoD multilevel security policy.
Generally, an Acceptable Use Policy should outline _____?
- A _____ is a specialized group of people whose purpose is to respond to major incidents.
- In the the following should be in an information response team charter?
- A(n) ______ ensures workers are conscious of security risks and how to deal with unexpected risk.
- Without a policy that leads to controls that restrict employees from installing their own software on a company workstation, a company could suffer which of the following consequences?
- Good reasons to monitor worker’s computer activities are when ______?
- A _____ is a common control that is used across a significant population of systems?
- Employer response to an employee posting company passwords on their social network site should include _____?
- Security experts consider _____ the weakest link in security.
- A malicious _____ attack uses viruses, worms, Trojan horses, and scripts to gain access to systems, applications, and data.
You can use a _____ process to grant temporary elevated rights.
- So, in the following organization has offered reliable security policies in the past to help organizations develop proper infrastructure policies.
- _____ are especially useful for identifying unauthorized changes. (CSIS 340 final exam)
- The Risk Management Continuous Improvement Model includes _____?
- The signs of an incident can be _____?
- _____ determines how quickly a business process should be recovered.
- A privileged-level access agreement (PAA) is designed to heighten the awareness and accountability of?
- ______ software is capable of capturing usernames, passwords, and websites visited on a local workstation?
- A _____ can identify hosts on a network and determine services running on the hosts
- So, check out our latest Tutorials and Courses on FIN.