Deck 11: Security Policies

1. Which is true about access control policies?

A) All resources should be locked down as much as possible to prevent security problems.
B) Users' needs should be assessed based on the group to which they belong, and they should be given the minimum access needed to perform their job duties.
C) Each user's needs should be assessed and they should be given the minimum access needed to perform their job duties.
D) Users should be provided access to all resources they deem necessary for their work.
Answer: C
2. Which is NOT true about organizational use of instant messaging?

A) It may be acceptable for business purposes.
B) It poses a significant security risk.
C) It is safe for distribution of private business information.
D) It should not be used for personal communication.
Answer: C
3. Which is true about system administration policies regarding leaving employees?

A) All logon accounts must be deleted.
B) Employees should be allowed access to their work areas for a few days to retrieve personal belongings.
C) Internet access accounts and e-mail accounts must be deleted immediately.
D) Workstation drives should be examined for evidence of any inappropriate activities.
Answer: D
4. Why does the author state that technology alone is not a panacea for network security problems?

A) Advances in technology occur too rapidly for security experts to keep up with them.
B) Improvements in technology actually create the most security problems.
C) Technology cannot be effective if people do not follow appropriate procedures.
D) The author actually does say that technology solves network security problems.
5. System administration policies should be in place for which of the following?

A) Adding and removing users.
B) Changing any systems.
C) Dealing with security issues.
D) All of the above.
6. System ____________ policies must define the steps to be taken in providing access for new users and removing access for leaving users.
7. The primary vehicle for virus distribution is ____________.
8. Which is NOT an issue that should be covered by administrative policies?

A) Desktop configuration
B) E-mail attachments
C) Software installation and removal
D) All should be covered by administrative policies.
9. Upon termination of an employee, ____________ access to facilities as well as system access must be immediately terminated.
10. Which is NOT a reason why users should have privileges restricted to prevent them from changing their desktop images?

A) Downloaded background images may contain malicious software.
B) Harassment issues might arise if inappropriate images are used.
C) Management must always control what users see on their desktops.
D) User privileges to change desktop images can also permit changes that compromise security.
11. Which is true about user security policies?

A) Employees must sign a statement of acknowledgement that they understand them for policies to be effective.
B) Policies must be clear and very specific.
C) Security policies can prevent misuse of computer systems.
D) There must be penalties for every infraction.
12. Password length, password history, and password complexity should be mandated by ____________ policies.
13. Issues such as Internet access, password sharing, opening of e-mail attachments, and installing software should be controlled by ____________ policies.
14. An organizational policy requiring that all buffers have error handling to prevent buffer overruns is an example of:

A) an administrative policy.
B) a developmental policy.
C) a security policy.
D) a user policy.
15. Which is NOT an example of a good password policy?

A) Passwords should not be shared with others unless IT is not available to provide one in a reasonable time.
B) If passwords are written down, they should be kept secure.
C) Passwords should be changed regularly.
D) Possible compromise of a password should be immediately reported to the IT department.
16. What is the primary reason a change control process is necessary?

A) It allows IT security personnel to examine proposed changes for potential security problems before implementation.
B) It keeps track of changes so that problems can be documented.
C) It requires changes to be documented before they are made.
D) It verifies that proposed changes will work before they are implemented.
17. Copying data, sharing passwords, and surfing the Internet on company time are all examples of ____________ of organizational computer assets.
18. Which is an e-mail attachment that would be acceptable to open?

A) It is an animation or movie.
B) It contains active code.
C) It comes from an unknown source.
D) It contains an expected spreadsheet.
19. What should NOT be considered in creating a good password?

A) Length should be at least six to eight characters to limit brute force attacks.
B) Passwords should be easy to remember such as pets' or children's names to limit the need to write them down.
C) Policies should be in place to require minimum length and history of passwords.
D) Special characters and numbers must be included to limit use of dictionaries and brute force.
20. Which is NOT a criterion by which an employee should determine an e-mail attachment can be opened?

A) It appears to be a legitimate business document.
B) It does not contain malicious programming.
C) It was expected, such as a requested document.
D) If it was not expected, it comes from a known source.
21. The concept of ____________ dictates that a user should have only the access necessary to complete their job and no more.