Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
2 out of 2 points
False
Question 2
2 out of 2 points
b.
DoS
Question 3
2 out of 2 points
A ____ deals with the preparation for and recovery from a disaster,
whether natural or man-made.
Selected Answer:
a.
Question 4
2 out of 2 points
c.
Question 5
2 out of 2 points
c.
policy
Question 6
2 out of 2 points
b.
Question 7
2 out of 2 points
A(n) ____ is an object, person, or other entity that is a potential risk of loss
to an asset.
Selected Answer:
c.
threat
Question 8
2 out of 2 points
a.
incident
Question 9
2 out of 2 points
A(n) ____ is used to anticipate, react to, and recover from events that
threaten the security of information and information assets in an
organization; it is also used to restore the organization to normal modes of
business operations;
Selected Answer:
c.
contingency plan
Question 10
2 out of 2 points
Vulnerability
Question 11
Needs Grading
or protect?
Which information assets would cause more liability?
Depending on answers to the above questions, the weighted factor is
assigned and are arranged in order of importance.
Question 12
2 out of 2 points
For the purpose of making relative risk assessments, we can say that
____________________ equals the likelihood of a vulnerability occurring times
the value (or impact) of that asset to the organization minus
the percentage of risk that is already being controlled plus an element of
uncertainty.
Selected Answer:
risk
Question 13
Needs Grading
purpose of being able to recover in case of any disaster. The data is stored in a
secondary site and the plans are made to access and recover that data in case
of any disaster.
Whereas, the business continuity plan is the planning and oversight of
management that must make sure that the IT functions are operated without
any interruption if any system or emterprise fails. The business continuity is
business centric and not data centric.
Question 14
2 out of 2 points
True
Question 15
Needs Grading
Once the project team for information security development has created a
ranked vulnerability worksheet, it must choose one of five approaches for
controlling the risks that result from the vulnerabilities. List the five
approaches.
Selected
Answer:
The five approaches that should be followed to control the risks that results
from vulnerabilities are as follows:
Defense
Transferal
Mitigation
Acceptance
Termination
Question 16
Needs Grading
Provide brief descriptions for access control lists (ACLs) and configuration
rules.
Selected ACLs are basically a set of commands, grouped together by a number or name
Answer: that is used to filter traffic entering or leaving an interface.
Question 17
2 out of 2 points
A CPMT should include _____ who can oversee the security planning of the
project and provide information on threats, vulnerabilities, and recovery
requirements needed in the planning process.
Selected Answer:
c.
Question 18
2 out of 2 points
False
Question 19
2 out of 2 points
True
Question 20
2 out of 2 points
CPMT
Question 21
Needs Grading
Question 22
2 out of 2 points
a.
Question 23
2 out of 2 points
True
Question 24
Needs Grading
How does the length of the recovery time objective (RTO) of a contingency
plan affect the possible solutions that can be enacted to meet the RTO?
Give an example.
Selecte The lower the time required, the higher the cost of business recovery strategies. The lower
d
the RTO, the lower the disaster tolerance. For example, if the RTO for a given
Answer: application is one hour, redundant data backup on external hard drives may be
the best solution. If the RTO is five days, then tape, recordable compact disk or
offsite storage on a remote Web server may be more practical.
Question 25
2 out of 2 points
In a CPMT, a(n) ____ leads the project to make sure a sound project
planning process is used, a complete and useful project plan is developed,
and project resources are prudently managed.
Selected Answer:
d.
project manager
Question 26
Needs Grading
Question 27
0 out of 2 points
Team leaders from the subordinate teams, including the IR, DR, and BC
teams, should not be included in the CPMT.
Selected Answer:
True
Question 28
2 out of 2 points
Question 29
b.
2 out of 2 points
d.
Question 30
2 out of 2 points
The ____ is the point in time by which systems and data must be
recovered after an outage as determined by the business unit.
Selected Answer:
c.
Question 31
2 out of 2 points
The ____ is used to collect information directly from the end users and
business managers.
Selected Answer:
d.
Question 32
2 out of 2 points
The ____ job functions and organizational roles focus on costs of system
creation and operation, ease of use for system users, timeliness of system
creation, and transaction response time.
Selected Answer:
b.
Question 33
2 out of 2 points
The ____ job functions and organizational roles focus on protecting the
organizations information systems and stored information from attacks.
Selected Answer:
b.
Question 34
2 out of 2 points
Question 35
2 out of 2 points
Question 36
2 out of 2 points
c.
service agreement
Question 37
2 out of 2 points
d.
hypervisor
Question 38
2 out of 2 points
b.
service bureau
Question 39
2 out of 2 points
a.
network-attached storage
Question 40
2 out of 2 points
b.
moderate
Question 41
2 out of 2 points
a.
time-share
Question 42
2 out of 2 points
b.
hot site
Question 43
0 out of 2 points
A(n) ____ backup only archives the files that have been modified since the
last backup.
Selected Answer:
c.
differential
Question 44
2 out of 2 points
d.
nondisclosure agreement
Question 45
2 out of 2 points
A(n) ____ is an agreement in which the client agrees not to use the
vendors services to compete directly with the vendor, and for the client
not to use vendor information to gain a better deal with another vendor.
Selected Answer:
d.
Question 46
2 out of 2 points
a.
private cloud
Question 47
2 out of 2 points
d.
statement of indemnification
Question 48
2 out of 2 points
Hot site
Question 49
2 out of 2 points
d.
SaaS
Question 50
2 out of 2 points
d.
physically access