Exam 8: Controls for Information Security

The process that uses automated tools to identify whether a system possesses any well-known security problems is known as a(n)

________ is/are an example of a detective control.

This is used to identify rogue modems (or by hackers to identify targets).

Compatibility tests utilize a(n)________,which is a list of authorized users,programs,and data files the users are authorized to access or manipulate.

Kuzman Jovan called a meeting of the top management at Jovan Capital Management.Number one on the agenda was computer system security."The risk of security breach incidents has become unacceptable," he said,and turned to the Chief Information Officer."What do you intend to do?" Which of the following is the best answer?

The most important element of any preventive control is

Which of the following is not one of the essential criteria for successfully implementing each of the principles that contribute to systems reliability,as discussed in the Trust Services Framework?

All employees of E.C.Hoxy are required to pass through a gate and present their photo identification cards to the guard before they are admitted.Entry to secure areas,such as the Information Technology Department offices,requires further procedures.This is an example of a(n)

A demilitarized zone

It was 8:03 A.M.when Jiao Jan,the Network Administrator for South Asian Technologies,was informed that the intrusion detection system had identified an ongoing attempt to breach network security.By the time that Jiao had identified and blocked the attack,the hacker had accessed and downloaded several files from the company's server.Using the notation for the time-based model of security,in this case

The Trust Services Framework reliability principle that states sensitive information be protected from unauthorized disclosure is known as

Noseybook is a social networking site that boasts over a million registered users and a quarterly membership growth rate in the double digits.As a consequence,the size of the information technology department has been growing very rapidly,with many new hires.Each employee is provided with a name badge with a photo and embedded computer chip that is used to gain entry to the facility.This is an example of a(n)

Which of the below keeps a record of the network traffic permitted to pass through a firewall?

A well-known hacker started his own computer security consulting business shortly after being released from prison.Many companies pay him to attempt to gain unauthorized access to their network.If he is successful,he offers advice as to how to design and implement better controls.What is the name of the testing for which the hacker is being paid?

The Trust Services Framework reliability principle that states personal information should be protected from unauthorized disclosure is known as

Identify a party below who was involved with developing the Trust Services Framework.

Identify the best description of an access control matrix below.

Which of the following is commonly true of the default settings for most commercially available wireless access points?

The most effective way to protect network resources that are exposed to the internet,yet reside outside of a network is

Multi-factor authentication