Chapter 1 Assessment Flashcards

1
Q

Information security is specific to securing information, whereas information systems security is focused on the security of the systems that house the information.

A

True

2
Q

Software manufacturers limit their liability when selling software using which of the following?

A

End-User License Agreements

3
Q

The __________ tenet of information systems security is concerned with the recovery time objective.

A

Availability

4
Q

If you are a publicly-traded company or U.S. federal government agency, you must go public and announce that you have had a data breach and must inform the impacted individuals of that data breach.

A

True

5
Q

Organizations that require customer service representatives to access private customer data can best protect customer privacy and make it easy to access other customer data by using which of the following security controls?

A

Blocking out customer private data details and allowing access only to the last four digits of Social Security numbers or account number

6
Q

The __________ is the weakest link in an IT infrastructure.

A

User Domain

7
Q

Which of the following security controls can help mitigate malicious email attachments?

A

All of the above:

A. Email filtering and quarantining
B. Email attachment antivirus scanning
C. Verifying with users that email source is reputable
D. Holding all inbound emails with unknown attachments

8
Q

You can help ensure confidentiality by implementing __________.

A

A virtual private network for remote access

9
Q

Encrypting email communications is needed if you are sending confidential information within an email message through the public Internet.

A

True

10
Q

Using security policies, standards, procedures, and guidelines helps organizations decrease risks and threats.

A

True

11
Q

A data classification standard is usually part of which policy definition?

A

Asset protection policy

12
Q

A data breach is typically performed after which of the following?

A

Unauthorized access to systems and application is obtained

13
Q

Maximizing availability primarily involves minimizing __________.

A

All of the above:

A. The amount of downtime recovering from a disaster
B. The mean time to repair a system or application
C. Downtime by implementing a business continuity plan
D. The recovery time objective

14
Q

Which of the following is not a U.S. compliance law or act?

A

PCI DSS

15
Q

Internet IP packets are to cleartext what encrypted IP packets are to __________.

A

Ciphertext
