CSIS 340 Final Exam 1 – Question and Answers




CSIS 340 Final Exam 1 with Answers

  1. The _____ domain connects an organization's private network to the Internet?
  2. To promote cultural change, the goal should be to make security policies _____?
  3. Without _____ sponsorship, users will be less likely to eagerly participate in awareness training.
  4. What needs do organizations have to classify data?
  5. The Security Compliance Committee _____?
  6. Web Services policies would be an example of _____ domain.
  7. Which of the following includes guidelines under the LAN domain policies?
  8. Which of the following is a common cause of security breaches?
  9. What is a strong indicator that awareness training is not effective?
  10. Baseline standards for the LAN domain would include _____.
  11. Which of the following is not an organizational challenge when implementing security policies?
  12. The ______________ model, originally published in 1977, was the first model developed to address the concerns of integrity.
  13. _____ occurs when you manipulate or trick a person into weakening the security of an organization?
  14. Data in transit refers to what type of data?
  15. Simple security policy awareness requires that _____ report suspicious activity?
  16. A business impact analysis requires an impact report, component reliance, and a _____.
  17. _____ techniques can provide a security baseline for full operating systems and applications?
  18. A _____ standard describes the requirements for obtaining a domain name for use by external parties?
  19. A(n) _____ has an easier time bypassing security controls and hiding his or her tracks by deleting or altering logs and time stamps.
  20. _____ typically have the technical skills to make critical recommendations on how to stop an attack.
  21. Why should a security policy implementation be flexible to allow for updates?
  22. Two-factor authentication is a typical control used by employees to remotely access which of the following?
  23. Another thing is necessary to retain data for what major reasons?
  24. A _____ is the first step in building a business continuity plan (BCP) to minimize losses.
  25. Security policy enforcement can include _____?
  26. _____ protects data at rest from all types of breaches.
  27. Once security policies are established, line management must _____?
  28. Outdated application controls place a greater reliance on _____?
  29. The following documents help capture domain security control requirements?
  30. The ________________ model uses mandatory access control to enforce the DoD multilevel security policy.
  31. Generally, an Acceptable Use Policy should outline _____?
  32. A _____ is a specialized group of people whose purpose is to respond to major incidents.
  33. In the  the following should be in an information response team charter?
  34. A(n) ______ ensures workers are conscious of security risks and how to deal with unexpected risk.
  35. Without a policy that leads to controls that restrict employees from installing their own software on a company workstation, a company could suffer which of the following consequences?
  36. Good reasons to monitor worker’s computer activities are when ______?
  37. A _____ is a common control that is used across a significant population of systems?
  38. Employer response to an employee posting company passwords on their social network site should include _____?
  39. Security experts consider _____ the weakest link in security.
  40. A malicious _____ attack uses viruses, worms, Trojan horses, and scripts to gain access to systems, applications, and data.
  41. You can use a _____ process to grant temporary elevated rights.
  42. So, in the following organization has offered reliable security policies in the past to help organizations develop proper infrastructure policies.
  43. _____ are especially useful for identifying unauthorized changes.
  44. The Risk Management Continuous Improvement Model includes _____?
  45. The signs of an incident can be _____?
  46. _____ determines how quickly a business process should be recovered.
  47. A privileged-level access agreement (PAA) is designed to heighten the awareness and accountability of?
  48. ______ software is capable of capturing usernames, passwords, and websites visited on a local workstation?
  49. A _____ can identify hosts on a network and determine services running on the hosts.