Which of the following types of activities can be audited for security? Each correct answer represents a complete solution. Choose three.
Which of the following are the major tasks of risk management? Each correct answer represents a complete solution. Choose two.
Which of the following test methods has the objective to test the IT system from the viewpoint of a threat-source and to identify potential failures in the IT system protection schemes?
Which of the following acts is a specialized privacy bill that affects any educational institution that accepts any form of funding from the federal government?
You work as a Senior Marketing Manager for Umbrella Inc. You found out that some of the software applications on the systems were malfunctioning and that you were not able to access your remote desktop session. You suspected that a malicious attack had been performed on the company's network. You immediately called the incident response team to handle the situation, and the team asked the Network Administrator for all relevant information regarding the malfunctioning. The Network Administrator informed the incident response team that he was reviewing the security of the network, which caused all these problems. The incident response team announced that this was a controlled event, not an incident. Which of the following steps of an incident handling process was performed by the incident response team?
In which of the following alternative processing sites is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?
Which of the following statements are true about security risks? Each correct answer represents a complete solution. Choose three.
Which of the following elements of the BCP process includes the areas of plan implementation, plan testing, and ongoing plan maintenance, and also involves defining and documenting the continuity strategy?
Which of the following are the levels of the military data classification system? Each correct answer represents a complete solution. Choose all that apply.
Which of the following involves changing data prior to or during input to a computer in an effort to commit fraud?
How can you calculate the Annualized Loss Expectancy (ALE) that may occur due to a threat?
Which of the following terms refers to a mechanism which proves that the sender really sent a particular message?
Which of the following are the responsibilities of a custodian with regard to data in an information classification program? Each correct answer represents a complete solution. Choose three.
Which of the following statements about Hypertext Transfer Protocol Secure (HTTPS) are true? Each correct answer represents a complete solution. Choose two.
Which of the following laws enacted in the United States makes it illegal for an Internet Service Provider (ISP) to allow child pornography to exist on Web sites?
In which of the following SDLC phases are the system's security features configured and enabled, the system tested and installed or fielded, and the system authorized for processing?
Mark works as a security manager for SoftTech Inc. He is involved in the BIA phase to create a document to be used to help understand what impact a disruptive event would have on the business. The impact might be financial or operational. Which of the following are the objectives related to the above phase in which Mark is involved? Each correct answer represents a part of the solution. Choose three.
Which of the following concepts represent the three fundamental principles of information security? Each correct answer represents a complete solution. Choose three.
Which of the following can be done over telephone lines, e-mail, instant messaging, and any other method of communication considered private?
Which of the following plans provides procedures for recovering business operations immediately following a disaster?
Which of the following plans is designed to protect critical business processes from natural or man-made failures or disasters and the resultant loss of capital due to the unavailability of normal business processes?
Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?
Which of the following attacks can be mitigated by providing proper training to the employees in an organization?
You are the Network Administrator for a college. You watch a large number of people (some not even students) going in and out of areas with campus computers (libraries, computer labs, etc.). You have had a problem with laptops being stolen. What is the most cost effective method to prevent this?
Which of the following are the common roles with regard to data in an information classification program? Each correct answer represents a complete solution. Choose all that apply.
Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems?
Which of the following is NOT a valid maturity level of the Software Capability Maturity Model (CMM)?
Which of the following statutes enacted in the U.S. prohibits creditors from collecting data from applicants, such as national origin, caste, religion, etc.?
What component of the change management system is responsible for evaluating, testing, and documenting changes created to the project scope?
Joseph works as a Software Developer for Web Tech Inc. He wants to protect the algorithms and the techniques of programming that he uses in developing an application. Which of the following laws are used to protect a part of software?
Which of the following statements reflect the 'Code of Ethics Preamble' in the '(ISC)2 Code of Ethics'? Each correct answer represents a complete solution. Choose all that apply.
You have created a team of HR Managers and Project Managers for Blue Well Inc. The team will concentrate on hiring some new employees for the company and improving the organization's overall security by turning employees among numerous job positions. Which of the following steps will you perform to accomplish the task?