Chapter 16 – Managing Security Operations Flashcards

1
Q
  1. An organization ensures that users are granted access to only the data they need to perform specific work tasks. What principle are they following?
A

Need-to-know

2
Q
  1. An administrator is granting permissions to a database. What is the default level of access the administrator should grant to new users in the organization?
A

No access

3
Q
  1. Which of the following statements best describes why separation of duties is important for security purposes?
A

It prevents any single IT security person from making major security changes without involving other individuals

4
Q
  1. What is a primary benefit of job rotation and separation of duties policies?
A

Preventing fraud

5
Q
  1. A financial organization commonly has employees switch duty responsibilities every six months. What security principle are they employing?
A

Job rotation

6
Q
  1. Which of the following is one of the primary reasons an organization enforces a mandatory vacation policy?
A

To detect fraud

7
Q
  1. An organization wants to reduce vulnerabilities against fraud from malicious employees. Of the following choices, what would help with this goal? (Choose all that apply.)
A

Job rotation, Separation of duties, Mandatory vacations

8
Q
  1. Of the following choices, what is not a valid security practice related to special privileges?
A

Grant access equally to administrators and operators.

9
Q
  1. Which of the following identifies vendor responsibilities and can include monetary penalties if the vendor doesn’t meet the stated responsibilities?
A

Service-level agreement (SLA)

10
Q
  1. What should be done with equipment that is at the end of its lifecycle and is being donated to a charity?
A

Sanitize it.
