Question 1

Software assets are

Accepted Answer

A)  Software tools needed to accomplish the organization's mission 
B)  Digitally stored content owned by an individual or organization 
C)  Employees whose departure could adversely affect the organization 
D)  Machinery involved in supporting the business 
A)  Software tools needed to accomplish the organization's mission 
B)  Digitally stored content owned by an individual or organization 
C)  Employees whose departure could adversely affect the organization 
D)  Machinery involved in supporting the business A

Question 2

The majority of information security incidents are identified by

Accepted Answer

A)  Organizations other than the affected organization 
B)  Investigators 
C)  The affected organizations 
D)  Law enforcement 
A)  Organizations other than the affected organization 
B)  Investigators 
C)  The affected organizations 
D)  Law enforcement A

Question 3

An example of a top-down approach to asset identification is

Accepted Answer

A)  Reading the mission statement of the organization 
B)  Talking to co-workers 
C)  Reading on-boarding documentation 
D)  All of the above 
A)  Reading the mission statement of the organization 
B)  Talking to co-workers 
C)  Reading on-boarding documentation 
D)  All of the above A

Question 4

Hardware assets are

Accepted Answer

A)  Software tools needed to accomplish the organization's mission 
B)  Digitally stored content owned by an individual or organization 
C)  Employees whose departure could adversely affect the organization 
D)  Machinery involved in supporting the business 
A)  Software tools needed to accomplish the organization's mission 
B)  Digitally stored content owned by an individual or organization 
C)  Employees whose departure could adversely affect the organization 
D)  Machinery involved in supporting the business

Question 5

Based on sensitivity, assets are classified as

Accepted Answer

A)  Essential, required, deferrable 
B)  Restricted, unrestricted 
C)  Information, personnel, hardware 
D)  Hardware, software, legal 
A)  Essential, required, deferrable 
B)  Restricted, unrestricted 
C)  Information, personnel, hardware 
D)  Hardware, software, legal

Question 6

Asset criticality is usually associated with the impact of an asset on

Accepted Answer

A)  Confidentiality 
B)  Integrity 
C)  Availability 
D)  Sensitivity 
A)  Confidentiality 
B)  Integrity 
C)  Availability 
D)  Sensitivity

Question 7

The stages in an IT asset life cycle include

Accepted Answer

A)  Reduce, reuse, recycle 
B)  Plan, do, check, act 
C)  Plan, acquire, deploy, manage, retire 
D)  Concept, definition, launch, perform, close 
A)  Reduce, reuse, recycle 
B)  Plan, do, check, act 
C)  Plan, acquire, deploy, manage, retire 
D)  Concept, definition, launch, perform, close

Question 8

Bottom-up and top down approaches are needed to identify

Accepted Answer

A)  Asset priorities 
B)  General assets 
C)  Assets 
D)  Idiosyncratic assets 
A)  Asset priorities 
B)  General assets 
C)  Assets 
D)  Idiosyncratic assets

Question 9

RFPs, ITNs, ITBs are associated with the

Accepted Answer

A)  Acquiring stage 
B)  Deployment stage 
C)  Management stage 
D)  Planning stage 
A)  Acquiring stage 
B)  Deployment stage 
C)  Management stage 
D)  Planning stage

Question 10

Methods of hardware asset discovery include

Accepted Answer

A)  Network scanning 
B)  Asset reviews 
C)  Purchase reviews 
D)  All of the above 
A)  Network scanning 
B)  Asset reviews 
C)  Purchase reviews 
D)  All of the above

Question 11

Required assets are those whose loss of availability

Accepted Answer

A)  Could be tolerated for a short period of time 
B)  Could be acceptable 
C)  Is not acceptable even for a short period of time 
D)  Would cause immediate severe repercussions to the organization 
A)  Could be tolerated for a short period of time 
B)  Could be acceptable 
C)  Is not acceptable even for a short period of time 
D)  Would cause immediate severe repercussions to the organization

Question 12

Based on criticality, assets are classified as

Accepted Answer

A)  Restricted, unrestricted 
B)  Essential, required, deferrable 
C)  Information, personnel, hardware 
D)  Hardware, software, legal 
A)  Restricted, unrestricted 
B)  Essential, required, deferrable 
C)  Information, personnel, hardware 
D)  Hardware, software, legal

Question 13

Information assets are

Accepted Answer

A)  Software tools needed to accomplish the organization's mission 
B)  Digitally stored content owned by an individual or organization 
C)  Employees whose departure could adversely affect the organization 
D)  Machinery involved in supporting the business 
A)  Software tools needed to accomplish the organization's mission 
B)  Digitally stored content owned by an individual or organization 
C)  Employees whose departure could adversely affect the organization 
D)  Machinery involved in supporting the business

Question 14

Asset criticality refers to

Accepted Answer

A)  A measure of the importance of an asset to the immediate survival of an organization 
B)  Contractual arrangements that guide the use of hardware and software assets within the organization 
C)  Adverse consequences for the organization upon disclosure of information 
D)  Damage caused to the organization from a breach of confidentiality or violation of integrity of an asset 
A)  A measure of the importance of an asset to the immediate survival of an organization 
B)  Contractual arrangements that guide the use of hardware and software assets within the organization 
C)  Adverse consequences for the organization upon disclosure of information 
D)  Damage caused to the organization from a breach of confidentiality or violation of integrity of an asset

Question 15

The ISO standard for information security is

Accepted Answer

A)  ISO 9000 
B)  ISO 27002 
C)  ISO 14000 
D)  ISO 3166 
A)  ISO 9000 
B)  ISO 27002 
C)  ISO 14000 
D)  ISO 3166

Question 16

The parameters used to characterize assets are

Accepted Answer

A)  Asset sensitivity and asset criticality 
B)  Asset confidentiality and asset restrictions 
C)  Restricted and unrestricted assets 
D)  Essential, required and deferrable assets 
A)  Asset sensitivity and asset criticality 
B)  Asset confidentiality and asset restrictions 
C)  Restricted and unrestricted assets 
D)  Essential, required and deferrable assets

Question 17

The most appropriate IT lifecycle stage to evaluate an organization's processes is the

Accepted Answer

A)  Retirement stage 
B)  Deployment stage 
C)  Management stage 
D)  Planning stage 
A)  Retirement stage 
B)  Deployment stage 
C)  Management stage 
D)  Planning stage

Question 18

Restricted assets are

Accepted Answer

A)  Assets whose loss would cause severe repercussions to the organization immediately 
B)  Importance of an asset to the immediate survival of an organization 
C)  The damage caused to an organization from a breach of confidentiality or integrity of an asset 
D)  Assets whose disclosure or alteration would have adverse consequences for the organization 
A)  Assets whose loss would cause severe repercussions to the organization immediately 
B)  Importance of an asset to the immediate survival of an organization 
C)  The damage caused to an organization from a breach of confidentiality or integrity of an asset 
D)  Assets whose disclosure or alteration would have adverse consequences for the organization

Question 19

Personnel assets are

Accepted Answer

A)  Software tools needed to accomplish the organization's mission 
B)  Digitally stored content owned by an individual or organization 
C)  Employees whose departure could adversely affect the organization 
D)  Machinery involved in supporting the business 
A)  Software tools needed to accomplish the organization's mission 
B)  Digitally stored content owned by an individual or organization 
C)  Employees whose departure could adversely affect the organization 
D)  Machinery involved in supporting the business

Question 20

Tracking attributes are used for

Accepted Answer

A)  Software assets 
B)  Personnel assets 
C)  Hardware assets 
D)  Information assets 
A)  Software assets 
B)  Personnel assets 
C)  Hardware assets 
D)  Information assets

Software assets are

The majority of information security incidents are identified by

An example of a top-down approach to asset identification is

Hardware assets are

Based on sensitivity, assets are classified as

Asset criticality is usually associated with the impact of an asset on

The stages in an IT asset life cycle include

Bottom-up and top down approaches are needed to identify

RFPs, ITNs, ITBs are associated with the

Methods of hardware asset discovery include

Required assets are those whose loss of availability

Based on criticality, assets are classified as

Information assets are

Asset criticality refers to

The ISO standard for information security is

The parameters used to characterize assets are

The most appropriate IT lifecycle stage to evaluate an organization's processes is the

Restricted assets are

Personnel assets are

Tracking attributes are used for

Introduction

System Administration

System Administration 2

Basic Information Security Model

Threats and Vulnerabilities

Encryption Controls

Identity and Access Management

Hardware and Software Controls

Shell Scripting

Incident Handling

Incident Analysis

Policies, Standards and Guidelines

It Risk Analysis and Risk Management

Filters

Exam 5: Asset Identification and Characterization

Software assets are

The majority of information security incidents are identified by

An example of a top-down approach to asset identification is

Hardware assets are

Based on sensitivity, assets are classified as

Asset criticality is usually associated with the impact of an asset on

The stages in an IT asset life cycle include

Bottom-up and top down approaches are needed to identify

RFPs, ITNs, ITBs are associated with the

Methods of hardware asset discovery include

Required assets are those whose loss of availability

Based on criticality, assets are classified as

Information assets are

Asset criticality refers to

The ISO standard for information security is

The parameters used to characterize assets are

The most appropriate IT lifecycle stage to evaluate an organization's processes is the

Restricted assets are

Personnel assets are

Tracking attributes are used for

Introduction

System Administration

System Administration 2

Basic Information Security Model

Threats and Vulnerabilities

Encryption Controls

Identity and Access Management

Hardware and Software Controls

Shell Scripting

Incident Handling

Incident Analysis

Policies, Standards and Guidelines

It Risk Analysis and Risk Management

Filters