Question 1

A ____ is a collection of suggestions that should be implemented.

Accepted Answer

A)  security policy 
B)  baseline 
C)  guideline 
D)  security procedure 
A)  security policy 
B)  baseline 
C)  guideline 
D)  security procedure

Question 2

When designing a security policy, many organizations follow a standard set of ____________________.

Accepted Answer

The answer of When designing a security policy, many organizations...

Question 3

A due process policy is a policy that defines the actions users may perform while accessing systems and networking equipment.

Accepted Answer

A) True 
 B)False

Question 4

Most people are taught using a(n) ____________________ approach.

Accepted Answer

The answer of Most people are taught using a(n) ____________________...

Question 5

Which roles should be represented on the security policy development team?

Accepted Answer

Senior level administrator
Mem

Question 6

List and describe two risk categories.

Accepted Answer

Strategic - Action that affects the long

Question 7

List four attributes that should be compiled for new equipment in the change management documentation.

Accepted Answer

IP and MAC addresses
Equipment

Question 8

What are the typical classification designations of government documents?

Accepted Answer

The classification designation

Question 9

A(n) ____ policy outlines how the organization uses personal information it collects.

Accepted Answer

A)  VPN 
B)  network 
C)  encryption 
D)  privacy 
A)  VPN 
B)  network 
C)  encryption 
D)  privacy

Question 10

____ networks are typically used for connecting devices on an ad hoc basis for file sharing of audio, video, and data, or real-time data transmission such as telephony traffic.

Accepted Answer

A)  Peer 
B)  Client-server 
C)  P2P 
D)  Share 
A)  Peer 
B)  Client-server 
C)  P2P 
D)  Share

Question 11

____ are generally considered to be the most important information security policies.

Accepted Answer

A)  Acceptable use policies 
B)  Encryption policies 
C)  Data loss policies 
D)  VPN policies 
A)  Acceptable use policies 
B)  Encryption policies 
C)  Data loss policies 
D)  VPN policies

Question 12

Education in an enterprise is limited to the average employee.

Accepted Answer

A) True 
 B)False

Question 13

Most organizations follow a three-phase cycle in the development and maintenance of a security policy.

Accepted Answer

A) True 
 B)False

Question 14

A(n) ____________________ is a collection of requirements specific to the system or procedure that must be met by everyone.

Accepted Answer

The answer of A(n) ____________________ is a collection of requirements...

Question 15

Match between columns
                        Premises: Periodic reviewing of a subject's privileges over an object
Refers to a methodology for making modifications and keeping track of those changes
Grouping individuals and organizations into clusters or groups based on some sort of affiliation
A subject's access level over an object, such as a user's ability to open a payroll file
The likelihood that the threat agent will exploit the vulnerability
A person or element that has the power to carry out a threat
A flaw or weakness that allows a threat agent to bypass security
A type of action that has the potential to cause harm

Accepted Answer

The Answer of Threat and Privilege and Social networking and is...

Question 16

A(n) ____ policy is designed to produce a standardized framework for classifying information assets.

Accepted Answer

A)  VPN 
B)  acceptable use 
C)  privacy 
D)  classification of information 
A)  VPN 
B)  acceptable use 
C)  privacy 
D)  classification of information

Question 17

____ is the planning, coordination, communications, and planning functions that are needed in order to resolve an incident in an efficient manner.

Accepted Answer

A)  Incident reporting 
B)  Incident management 
C)  Incident planning 
D)  Incident handling 
A)  Incident reporting 
B)  Incident management 
C)  Incident planning 
D)  Incident handling

Question 18

At the heart of information security is the concept of ____.

Accepted Answer

A)  threat 
B)  mitigation 
C)  risk 
D)  management 
A)  threat 
B)  mitigation 
C)  risk 
D)  management

Question 19

What are the duties of the CMT?

Accepted Answer

Review proposed changes.
Ensure that the

Question 20

____ learners learn through taking notes, being at the front of the class, and watching presentations.

Accepted Answer

A)  Kinesthetic 
B)  Auditory 
C)  Spatial 
D)  Visual 
A)  Kinesthetic 
B)  Auditory 
C)  Spatial 
D)  Visual

A ____ is a collection of suggestions that should be implemented.

When designing a security policy, many organizations follow a standard set of ____________________.

A due process policy is a policy that defines the actions users may perform while accessing systems and networking equipment.

Most people are taught using a(n) ____________________ approach.

Which roles should be represented on the security policy development team?

List and describe two risk categories.

List four attributes that should be compiled for new equipment in the change management documentation.

What are the typical classification designations of government documents?

A(n) ____ policy outlines how the organization uses personal information it collects.

____ networks are typically used for connecting devices on an ad hoc basis for file sharing of audio, video, and data, or real-time data transmission such as telephony traffic.

____ are generally considered to be the most important information security policies.

Education in an enterprise is limited to the average employee.

Most organizations follow a three-phase cycle in the development and maintenance of a security policy.

A(n) ____________________ is a collection of requirements specific to the system or procedure that must be met by everyone.

A(n) ____ policy is designed to produce a standardized framework for classifying information assets.

____ is the planning, coordination, communications, and planning functions that are needed in order to resolve an incident in an efficient manner.

At the heart of information security is the concept of ____.

What are the duties of the CMT?

____ learners learn through taking notes, being at the front of the class, and watching presentations.

Introduction to Security

Malware and Social Engineering Attacks

Application and Network Attacks

Vulnerability Assessment and Mitigating Attacks

Host, Application, and Data Security

Network Security

Administering a Secure Network

Wireless Network Security

Access Control Fundamentals

Authentication and Account Management

Basic Cryptography

Advanced Cryptography

Business Continuity

Filters

Exam 14: Risk Mitigation

A ____ is a collection of suggestions that should be implemented.

When designing a security policy, many organizations follow a standard set of ____________________.

A due process policy is a policy that defines the actions users may perform while accessing systems and networking equipment.

Most people are taught using a(n) ____________________ approach.

Which roles should be represented on the security policy development team?

List and describe two risk categories.

List four attributes that should be compiled for new equipment in the change management documentation.

What are the typical classification designations of government documents?

A(n) ____ policy outlines how the organization uses personal information it collects.

____ networks are typically used for connecting devices on an ad hoc basis for file sharing of audio, video, and data, or real-time data transmission such as telephony traffic.

____ are generally considered to be the most important information security policies.

Education in an enterprise is limited to the average employee.

Most organizations follow a three-phase cycle in the development and maintenance of a security policy.

A(n) ____________________ is a collection of requirements specific to the system or procedure that must be met by everyone.

A(n) ____ policy is designed to produce a standardized framework for classifying information assets.

____ is the planning, coordination, communications, and planning functions that are needed in order to resolve an incident in an efficient manner.

At the heart of information security is the concept of ____.

What are the duties of the CMT?

____ learners learn through taking notes, being at the front of the class, and watching presentations.

Introduction to Security

Malware and Social Engineering Attacks

Application and Network Attacks

Vulnerability Assessment and Mitigating Attacks

Host, Application, and Data Security

Network Security

Administering a Secure Network

Wireless Network Security

Access Control Fundamentals

Authentication and Account Management

Basic Cryptography

Advanced Cryptography

Business Continuity

Filters