DEVRY SEC360 WEEK 3 QUIZ

(TCO 3) _____ conduct periodic risk-based reviews of information assets, policies, and procedures.

Security testers

Vendor managers

Internal auditors

Access coordinators

Technical managers

Text, page 81

Points Received: 5 of 5

Question 2.

(TCO 3) An excellent document to review for best practices in security management is _____.

ISO/IEC 17799

BS 7799

ISO/IEC 27001

Appendix H of NIST SP 800-53

Any of the above

Points Received:

Question 3.

(TCO 3) An organization’s security posture is defined and documented in _____ that must exist before any computers are used.

standards

guidelines

procedures

policies

All of the above

Text, pages 68-73

Points Received: 5 of 5

Question 4.

(TCO 3) What does SDLC stand for?

Software development license cycle

Software development life cycle

System development life cycle

System definition life cycle

None of the above

Lecture

Points Received: 5 of 5

Question 5.

(TCO 4) Various countries have different views of individual privacy. The European Union (EU) has very different privacy laws than the United States has. To allow U.S. companies better ease of operation in the European Union, the Department of Commerce negotiated the _____ with the EU.

privacy treaty

Memorandum of Agreement regarding privacy

Privacy Reciprocity Act of 1993

international safe harbor principles

Privacy Act of 1983

Text, page 150

Points Received: 5 of 5

Question 6.

(TCO 4) Which of the following “commandments” should be part of the information security professional’s code of ethics?

I will abide by the Constitution of the United States.

I will dress appropriately for the company environment.

I will protect the equities of senior management.

I will act honorably, honestly, justly, responsibly, and legally.

Text, page 154

Points Received: 5 of 5

Question 7.

(TCO 5) Information hiding or data hiding is implemented through _____.

abstraction

encapsulation

layering

isolated storage

encryption

Text, page 94

Points Received: 5 of 5

Question 8.

(TCO 5) A reference monitor is _____.

a security model

a security control

a network security model

only appropriate in ringed architecture

Text, page 90 and lecture

Points Received: 5 of 5

Question 9.

(TCO 4) Denial of service attacks, rogue code, and software piracy are some of the ways that _____ commit crimes.

aggressive programmers

computer enthusiasts

cyber criminals

foreign operatives

Text, page 144

Points Received: 5 of 5

Question 10.

(TCO 5) The _____ can be illustrated using something known as a ring of trust.

TCB

principle of least privilege

secondary storage zone

kernel

Text, page 91

Points Received: 5 of 5
