Description
Devry SEC 440 All Quiz Latest
Devry SEC 440 Week 2 Quiz Latest
QUIZ 2
(TCO 1) Why is it important to prepare written policies?
It lets the policies be communicated more easily.
This helps to ensure consistency.
A policy is part of the corporate culture.
It is required by law.
In: Chapter 1, page 11
Points Received: 4 of 4
Comments:
Question 2. Question :
(TCO 2) Which of the following is NOT a threat to data confidentiality?
Hackers
Encryption
Improper access controls
IN Social engineering
In: Chapter 3, page 67
Points Received: 0 of 4
Comments:
Question 3. Question :
(TCO 1) Which of the following is MOST likely to reflect the policy audience for a corporate ethics policy at Acme Manufacturing?
All Acme Manufacturg employees and all vendors and service providers
All full- and part-time employees of Acme Manufacturg and its subsidiaries
The Acme Manufacturg board of directors
The fance, human resources, and marketg departments of Acme Manufacturg
: Chapter 2, page 45
Pots Received: 0 of 4
Comments:
Question 4. Question :
(TCO 2) Which of the followg are all federal regulations?
Sarbanes-Oxley, IEEE 802.11, and NIST 800-34
GLBA, HIPAA, and Sarbanes-Oxley
GLBA, HIPAA, and IEEE 802.11
GLBA, NIST 800-34, and Sarbanes-Oxley
: Chapter 2, page 41
Comments:
Question 5. Question :
(TCO 1) When should formation security policies, procedures, standards, and guideles be revisited?
As dicated the policy
Never; once they are written and published, they must be adhered to
Annually
When dictated by change drivers
: Chapter 1, page 18
Pots Received: 0 of 4
Comments:
Question 6. Question :
(TCO 2) What is a valid defition of data tegrity?
Knowg that the data on the screen have not been tampered with
Data that are encrypted
Data that have not been accessed by unauthorized users
The knowledge that the data are transmitted ciphertext only
: Chapter 3, page 69
Comments:
Question 7. Question :
(TCO 1) What should be the consequences of formation security policy violations?
Always up to, and cludg, termation
Immediate revocation of all user privileges
Commensurate with the criticality of formation the policy was written to protect
Violations cited the person’s annual performance review
: Chapter 1, page 24
Comments:
Question 8. Question :
(TCO 2) Match the followg terms to their meangs.
: Change driver » 2 : Any event that impacts culture, procedures, and activities with an organization
: Acceptable use agreement » 1 : List of actions that employees are not allowed to perform while usg company-provided equipment
: Statement of authority » 3 : troduction to the policy document
: Security policy document policy » 4 : Policy about a policy
: Chapter 4, page 95
Comments:
Question 9. Question :
(TCO 1) Which of the followg best describes how the penalties defed the Policy Enforcement Clause should relate to the fractions?
Any fraction should result suspension or termation.
The same penalty should apply each time an fraction occurs.
The penalty should be proportional to the level of risk curred as a result of the fraction.
Penalties should be at the discretion of management.
: Chapter 2, page 48
Comments:
Question 10. Question :
(TCO 2) Data tegrity is
protectg the data from tentional or accidental disclosure.
makg sure the data are always available when legitimately needed.
protectg the data from tentional or accidental modification.
makg sure the data are always transmitted encrypted format.
: Chapter 3, page 69
Comments:
Question 11. Question :
(TCO 1) Which is the worst that may happen if formation security policies are out of date or address technologies no longer used the organization?
People may take the policies less seriously or dismiss them entirely.
Executive management may become upset.
The company may cur unnecessary costs to change them.
People may not know which policy applies.
: Chapter 1, page 23
Comments:
Question 12. Question :
(TCO 2) Which of the followg federal regulations pertas to the medical field?
FERPA
GLBA
HIPAA
SOX
: Chapter 4, page 95
Comments:
Question 13. Question :
(TCO 1) which of the followg ways does understandg policy elements help you terpret your organization’s formation security policies?
Awareness of policy elements helps you determe the strength of the policy and whether you should take it seriously.
If you understand policy elements, you will be able to change the policies.
Knowg the purpose and goal of each section of the policy can help you better understand the tent of the policy, as well as how the policy applies to you.
You need to know the policy elements order to determe which parts of the policy apply to you.
Question 14. Question :
(TCO 2) Which of the followg federal regulations pertas to the educational field?
FERPA
GLBA
HIPAA
SOX
Question 15. Question :
(TCO 1) Which of the followg is an important function of the statement of authority?
It provides a bridge between an organization’s core values and security strategies.
It dicates who to talk to if you want to request a change the policy.
It describes the penalties for policy fractions.
It references standards, guideles, and procedures that the reader can consult for clarification of the policy.
Devry SEC 440 Week 4 Quiz Latest
(TCO 3) Which section of the ISO 17799 deals with asset classification?
2
3
4
5
Points Receied: 4 of 4
Comments:
Question 2. Question :
(TCO 4) The age group most inclined to use an online job search is
30 to 49.
18 to 29.
50 to 64.
None of the aboe—33% of persons across all age groups use online job searching.
Chapter 6, page 151
Points Receied: 4 of 4
Comments:
Question 3. Question :
(TCO 5) In ISO 17799, an area where assets are protected from man-made and natural harm is known as
secure area.
mantrap.
company property.
security perimeter.
Chapter 7, page 186
Points Receied: 4 of 4
Comments:
Question 4. Question :
(TCO 3) When it comes to information security, what is the purpose of labeling?
Communicating the sensitiity leel
Communicating the access controls
Enforcing the access controls
Auditing the access controls
Chapter 5, page 129
Points Receied: 0 of 4
Comments:
Question 5. Question :
(TCO 4) A security clearance inestigation does NOT inole research into a person’s
character.
reliability.
family connections.
trustworthiness.
Chapter 6, page 154
Points Receied: 4 of 4
Comments:
Question 6. Question :
(TCO 5) The clear desk and clear screen policy is the way to aoid which of the following kinds of physical attacks?
Shoulder surfing
Reprinting the last document from the fax machine
Looking at papers on desks
All of the aboe
Chapter 7, page 201
Points Receied: 4 of 4
Comments:
Question 7. Question :
(TCO 3) Information needs to be handled according to
its classification leel.
the statement of authority.
the access controls set forth in the asset management policy.
IN the access controls set forth in the affirmation agreement.
Chapter 5, page 129
Points Receied: 0 of 4
Comments:
Question 8. Question :
(TCO 4) Which of the following is a component of an affirmation agreement?
Statement of authority
Background check
Job description
Credit history
Chapter 6, page 160
Points Receied: 4 of 4
Comments:
Question 9. Question :
(TCO 5) What is the goal of the physical entry controls policy?
Restrict the knowledge of, access to, and actions within secure areas
Require authorized users to be authenticated and isitors to be identified and labeled
Require perimeter controls as appropriate
Make sure the organization pays attention to potential enironmental hazards and threats
Chapter 7, page 189
Points Receied: 4 of 4
Comments:
Question 10. Question :
(TCO 3) This is known as the process of downgrading the classification leel of an information asset.
Declassification
Classification reiew
Reclassification
Asset publication
Chapter 5, page 130
Points Receied: 4 of 4
Comments:
Question 11. Question :
(TCO 4) Match each of the following with its example.
: Security education » 3 : Recertification training for the network administrator
: Security training » : A presentation on creating good passwords
: Security awareness » 1: Posters reminding users to report security breaches
Chapter 6, page 165
Points Receied: 1.33 of 4
Comments:
Question 12. Question :
(TCO 5) Which of the following might the working in secure areas policy restrict from being brought into a facility?
Cameras
Recording deices
Laptop computers
All of the aboe
Chapter 7, page 192
Points Receied: 4 of 4
Comments:
Question 13. Question :
(TCO 3) When calculating the alue of an asset, which of the following is NOT a criterion?
Cost to acquire or deelop asset
Cost to maintain and protect the asset
Cost to disclose the asset
Reputation
Chapter 5, page 133
Points Receied: 0 of 4
Comments:
Question 14. Question :
(TCO 5) According to the equipment siting and protection policy, smoking, eating, and drinking will not be permitted
except in designated areas.
inside the security perimeter.
under any circumstances.
in areas where equipment is located.
Question 15. Question :
(TCO 3) A qualitatie approach to an analysis uses
hard numbers.
statistics.
expert opinions.
general population sureys.
Chapter 5, page 137
Points Receied: 4 of 4
Comments:
Devry SEC 440 Week 6 Quiz Latest
(TCO 6) An employee who fails to report a suspected security weakness
is doing his or her job.
will not be punished.
will be treated the same as if he or she had initiated a malicious act against the company.
is making sure not to aggravate the situation by making a mistake.
: 8, page 230
4 of 4
Question 2. Question :
(TCO 7) Which of the following is NOT an access control method?
MAC
RBAC
DAC
PAC
: 9, page 273
4 of 4
Question 3. Question :
(TCO 8) When is the best time to think about security when writing a new piece of code?
IN At the end, once all the modules have been written
After the users have had a chance to review the application
At the beginning of the project
After the application has been approved and authorized by the ISO
: 10, page 313
0 of 4
Question 4. Question :
(TCO 9) As it pertains to GLBA, what does NPI stand for?
Nonpublic information
Nonpublic personal information
Nonprivate information
Nonprivate personal information
: 12, page 390
4 of 4
Question 5. Question :
(TCO 6) The primary antimalware control is
an updated antivirus solution.
a firewall.
a router.
an acceptable use policy.
: 8, page 232
4 of 4
Question 6. Question :
(TCO 7) Which is the first target of a hacker who has gained access to an organization’s network?
Log files
Sensitive data
User accounts
Public data
: 9, page 276
4 of 4
Question 7. Question :
(TCO 8) Which formal security-related process should take place at the beginning of the code creation project?
Risk assessment
Input validation
Output validation
SQL injection validation
: 10, page 313
4 of 4
Question 8. Question :
(TCO 9) Who enforces the GLBA?
Eight different federal agencies and states
The FDIC
The FFIEC
The Secretary of the Treasury
: 12, page 392
4 of 4
Question 9. Question :
(TCO 6) The part of the antivirus solution that needs to be updated daily is
the DAT files.
central command.
the control panel.
the engine.
: 8, page 232
4 of 4
Question 10. Question :
(TCO 7) All users are expected to keep their password secret, unless
IN a member of the IT group asks for it.
another employee needs to log on as them.
- d.someone identifying themselves as the ISO asks for it.
There is no “unless.”
: 9, page 281
0 of 4
Question 11. Question :
(TCO 8) If an employee uses a company-provided application system and finds what he or she thinks is a loophole that allows access to confidential data, that employee should
alert his or her manager and the ISO immediately.
verify and test the alleged loophole before alerting anyone.
not say anything unless he or she is a member of the incident response team.
alert his or her manager whenever he or she happens to have a chance to do so.
: 10, page 317
4 of 4
Question 12. Question :
(TCO 9) What do the Interagency Guidelines require every covered institution to implement?
Quarterly risk assessments
A biannual review of the disaster recovery plan
A comprehensive written information security program
A monthly inventory of all information assets
: 12, page 394
4 of 4
Question 13. Question :
(TCO 6) Grandfather-father-son is a model used for
antivirus updates.
antispyware updates.
backup strategies.
change control management strategies.
: 8, page 236
4 of 4
Question 14. Question :
(TCO 7) Which of the following is the most popular single factor authentication method?
Cameras
IN Biometric devices
Tokens
Passwords
: 9, page 281
0 of 4
Question 15. Question :
(TCO 8) Input validation is
verifying that a piece of code does not have any inherent vulnerabilities.
making sure that employees know what information to enter in a new system.
testing an application system by entering all kinds of character strings in the provided fields.
testing what information an application system returns when information is entered.
: 10, page 318
DeVry Courses helps in providing the best essay writing service. If you need 100% original papers for Devry SEC 440 All Quiz Latest, then contact us through call or live chat.
Devry SEC 440 All Quiz Latest
Reviews
There are no reviews yet.