Chapter 9

Question 1

Identify the type of information below that is least likely to be considered “sensitive” by an organization

Answer 1

financial statements

Question 2

what is not one of the basic actions that an organization must take to preserve the confidentiality of sensitive information

Answer 2

backing up information

Question 3

classification of confidential information is the responsibility of whom, according to COBIT5

Answer 3

information owner

Question 4

True or False: encryption is one of the many ways to protect information in transit over the internet

Answer 4

False

Question 5

encryption is a necessary part of which information security approach

Answer 5

defense in depth

Question 6

Information rights management does all of these things

Answer 6

authenticate individuals accessing information

Question 7

identify the first step in protecting the confidentiality of intellectual property

Answer 7

identifying who has access to the intellectual property

Question 8

after the information that needs to be protected has been identified, what step should be completed next

Answer 8

the information needs to classified in terms of its value to the organization

Question 9

which type of software blocks outgoing messages containing key words or phrases associated with an organization’s sensitive data

Answer 9

data loss prevention software