Ch.14 Flashcards
What concept below is at the very heart of information security?
Question 1 options:
threat
mitigation
risk
management
risk
Due to the potential impact of changes that can affect all users in a organization, and considering that security vulnerabilities can arise from uncoordinated changes, what should an organization create to oversee changes?
Question 2 options:
change management team
incident response team
security control team
compliance team
change management team
What may be defined as the components required to identify, analyze, and contain an incident?
Question 3 options:
Vulnerability response
Incident response
Risk response
Threat response
Incident response
What is the name for a framework and corresponding functions required to enable incident response and incident handling within an organization?
Question 4 options:
Incident reporting
Incident management
Incident handling
Incident planning
Incident management
A written document that states how an organization plans to protect the company’s information technology assets is a:
Question 5 options:
security policy
guideline
security procedure
standard
security policy
A collection of suggestions that should be implemented are referred to as a:
Question 6 options:
security policy
baseline
guideline
security procedure
guideline
Select below the option that best describes a policy:
Question 7 options:
A collection of requirements specific to the system or procedure that must be met by everyone
A collection of suggestions that should be implemented
A list of all items that have a positive economic value
A document that outlines specific requirements or rules that must be met
A document that outlines specific requirements or rules that must be met
Generally considered to be the most important information security policies, what item below defines the actions a user may perform while accessing systems and networking equipment?
Question 8 options:
Acceptable use policies
Encryption policies
Data loss policies
VPN policies
Acceptable use policies
What kind of policy outlines how organizations use personal information it collects?
Question 9 options:
VPN
network
encryption
privacy
privacy
Policies that include statements regarding how an employee’s information technology resources will be addressed are part of a:
Question 10 options:
VPN policy
acceptable use policy
security-related human resource policy
technical policy
security-related human resource policy
A person’s fundamental beliefs and principals, which are used to define what is good, and how to distinguish right from wrong, are collectively called a person’s:
Question 11 options:
Morals
Values
Ethics
Standards
Values
What are values that are attributed to a system of beliefs that help the individual distinguish right from wrong called?
Question 12 options:
Morals
Ethics
Standards
Morays
Morals
What can be defined as the study of what a group of people understand to be good and right behavior and how people make those judgments?
Question 13 options:
Values
Morals
Ethics
Standards
Ethics
Which type of network below uses a direct connection between users, and involves each device simultaneously acting as a client and a server?
Question 14 options:
Peer
Client-server
P2P
Share
P2P
Websites that group individuals and organizations into clusters or groups based on some sort of affiliation are considered to be what type of websites?
Question 15 options:
social networking
social engineering
social management
social control
social networking
