NURS 6211 Complete Course

CSIS 340 Final Exam 1 Year 2022 (100 out of 100 points)

$25.00

Category: Test Bank Tag: csis 340

Description

CSIS 340 Final Exam – Question and Answers

  1. It is necessary to retain data for what major reasons?
  2. __________ techniques can provide a security baseline for full operating systems and applications?
  3. Good reasons to monitor worker’s computer activities are when __________?
  4. Data classification for retention of information is typically __________ for financial and tax records?
  5. __________ software is capable of capturing usernames, passwords, and websites visited on a local workstation?
  6. Which of the following includes guidelines under the LAN domain policies?
  7. Which of the following should be in an information response team charter?
  8. Once security policies are established, line management must __________?
  9. A __________ is a common control that is used across a significant population of systems?
  10. The Risk Management Continuous Improvement Model includes __________?
  11. What needs do organizations have to classify data?
  12. Web services policies would be an example of __________ domain.
  13. Data in transit refers to what type of data?
  14. Security experts consider __________ the weakest link in security.
  15. Which of the following is a common cause of security breaches?
  16. The ______________ model was the first model developed to address the concerns of integrity. Originally published in 1977
  17. A __________ standard describes the requirements for obtaining a domain name for use by external parties?
  18. A __________ is a specialized group of people whose purpose is to respond to major incidents.
  19. Which is the first step in building a business continuity plan?
  20. Baseline standards for the LAN domain would include _____.
  21. A(n) _____ has an easier time bypassing security controls and hiding his or her tracks by deleting or altering logs and time stamps.
  22. To promote cultural change, the goal should be to make security policies __________?
  23. Simple security policy awareness requires that _____ report suspicious activity?
  24. __________ occurs when you manipulate or trick a person into weakening the security of an organization?
  25. You can use a __________ process to grant temporary elevated rights.
  26. The _____ domain connects an organizations private network to the Internet?
  27. Outdated application controls place a greater reliance on _____?
  28. __________ determines how quickly a business process should be recovered.
  29. A ___________ is the first step in building a business continuity plan (BCP) to minimize losses.
  30. When analyzing an incident, you must try to determine which of the following?
  31. Employer response to an employee posting company passwords on their social network site should include _____?
  32. The following organization has offered reliable security policies in the past to help organizations develop proper infrastructure policies.
  33. Without a policy that leads to controls that restrict employees from installing their own software on a company workstation, a company could suffer which of the following consequences?
  34. Without __________ sponsorship, users will be less likely to eagerly participate in awareness
  35. A(n) ___________ ensures workers are conscious of security risks and how to deal with unexpected risk
  36. The Security Compliance Committee __________?
  37. Which of the following is not an organizational challenge when implementing security policies?
  38. A business impact analysis requires an impact report, component reliance, and a __________.
  39. Production data should be _____ before being used in a test environment?
  40. __________ protects data at rest from all type of breaches.
  41. The following documents help capture domain security control requirements?
  42. A malicious __________ attack uses viruses, worms, Trojan horses, and scripts to gain access to systems, applications, and data.
  43. A __________ can identify hosts on a network and determine services running on the hosts.
  44. What is a strong indicator that awareness training is not effective?
  45. The __________ model uses mandatory access control to enforce the DoD multilevel security policy.
  46. __________ typically have the technical skills to make critical recommendation on how to stop an attack.
  47. __________ are especially useful for identifying unauthorized changes.
  48. __________ often focuses on enterprise risk management across multiple lines of business to resolve strategic business issues.
  49. Which of the following can you use to segment LANs?
  50. Which of the following does an acceptable use policy relate to?

Related products