Chapt 25(Chapt 9 OperProced) Flashcards

1
Q

Which of the following is a way to provide proof that a computer user agrees to the acceptable use policy AUP and any changes to it every time they log into a computer connected to your network?

A) incident report
B) splash screen notice
C) the act of logging in
D) signature on AUP

A

B
A splash screen appears on a computer before the user logs in. It can contain information related to the acceptable use policy or regulatory information that the user must agree and adhere to. This information is accepted by clicking a button indicating agreement to it before they can log in. The act of logging in alone does not provide proof of acceptance of the conditions unless there is a statement telling the user that they must either accept the conditions or not to continue. And incident report is filed when someone identifies a breach of company policies. A signature on an AUP should always be obtained as a part of onboarding, but it won’t include any changes to the policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A user needs to send a file to a co-worker. The user has no working USB ports, disc drives, or network shares. The file is too large for email. What third-party software feature is the user requiring?

A) USB share
B) encryption
C) file share
D) VPN

A

File share

If the user has third-party software offering file share capability, for example Dropbox Microsoft teams or Google chrome, then the file could be transferred to others via the file sharing software. Using encryption and establishing a VPN are not necessary. There is no need for USB sharing without a USB port

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You are advising a startup that handles payment transactions to employee additional security controls on credit card information. What type of compliance affects how these security controls are implemented?

A) PII
B) PCI DSS
C) VPN
D) SSH

A

PCI DSS
The payment card industry data security standard applies to any organization that handles credit card data or processes or stores payment transactions from bank cards

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What type of editor when you normally use to view a script with the file name extension .vbs?

A) Vi
B) Notepad
C) Emacs
D) CoffeeCup

A

Visual Basic scripts are run on windows platforms, so notepad would work to edit them, but the Linux and Unix editors Emacs and Vi would not be used to view a Visual Basic script. Coffee cup is for editing HTML files

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is used to initiate the change management process?

A) affected systems and impact
B) request form
C) risk analysis
D) change board approval

A

Request form

A request form is used to initiate the change management process. Risk analysis and a report of the affected systems and the impact on them is part of the document that is presented to the change board for their approval before the changes implemented.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following would not be included in change management documentation?

A) end user acceptance
B) responsible staff member
C) affected systems and the impact on them
D) scope of the change

A

End user acceptance

End user acceptance is a desirable result of meeting with and including and users in the decision-making process of change management. It is a desired result, not necessarily a part of the documentation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What feature of change management examines all the possible positive and negative events that may impact a project, then identifies a response plan if the event occurs and assigns a score to the possible event?

A) scope of the change
B) change board approval
C) risk analysis or risk level
D) sandbox testing

A

Risk analysis or risk level

A part of every project should be the risk analysis with an identified risk level for each possible negative or positive event that may affect the project. The risk is signed a score, the risk level, and response plans are identified so that in the event that the risk is realized, there is a clear plan of action to handle it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly