(TCO 3) _____ conduct periodic risk-based reviews of information assets, policies, and procedures.
Security testers
Vendor managers
Internal auditors
Access coordinators
Technical managers
Text, page 81
Points Received: 5 of 5
Comments:
Question 2. Question :
(TCO 3) An excellent document to review for best practices in security management is _____.
IN ISO/IEC 17799
BS 7799
ISO/IEC 27001
Appendix H of NIST SP 800-53
Any of the above
Points Received: Comments:
Question 3. Question :
(TCO 3) An organizations security posture is defined and documented in _____ that must exist before any computers are used.
standards
guidelines
procedures
policies
All of the above
Text, pages 68-73
Points Received: 5 of 5
Comments:
Question 4. Question :
(TCO 3) What does SDLC stands for?
Software development license cycle
Software development life cycle
System development life cycle
System definition life cycle
None of the above
Lecture
Points Received: 5 of 5
Comments:
Question 5. Question :
(TCO 4) Various countries have different views of individual privacy. The European Union (EU) has very different privacy laws than the United States has. To allow U.S. companies better ease of operation in the European Union, the Department of Commerce negotiated the _____ with the EU.
privacy treaty
Memorandum of Agreement regarding privacy
Privacy Reciprocity Act of 1993
international safe harbor principles
Privacy Act of 1983
Text, page 150
Points Received: 5 of 5
Comments:
Question 6. Question :
(TCO 4) Which of the following “commandments” should be part of the information security professional’s code of ethics?
I will abide by the Constitution of the United States.
I will dress appropriately for the company environment.
I will protect the equities of senior management.
I will act honorably, honestly, justly, responsibly, and legally.
Text, page 154
Points Received: 5 of 5
Comments:
Question 7. Question :
(TCO 5) Information hiding or data hiding is implemented through _____.
abstraction
encapsulation
layering
isolated storage
encryption
Text, page 94
Points Received: 5 of 5
Comments:
Question 8. Question :
(TCO 5) A reference monitor is _____.
a security model
a security control
a network security model
only appropriate in ringed architecture
Text, page 90 and lecture
Points Received: 5 of 5
Comments:
Question 9. Question :
(TCO 4) Denial of service attacks, rogue code, and software piracy are some of the ways that _____ commit crimes.
aggressive programmers
computer enthusiasts
cyber criminals
foreign operatives
Text, page 144
Points Received: 5 of 5
Comments:
Question 10. Question :
(TCO 5) The _____ can be illustrated using something known as a ring of trust.
TCB
principle of least privilege
secondary storage zone
kernel
Text, page 91
Points Received: 5 of 5
Comments:
* Times are displayed in (GMT-07:00) Mountain Time (US & Canada)