IS3340 CHAPTER 10

Question 1

The components, including people, information, and conditions, that support business objectives is called ___?

Answer 1

BUSINESS DRIVERS

Question 2

The process of ensuring that the items in each domain of the IT infrastructure meet or exceed security goals is called ___?

Answer 2

COMPLIANCE

Question 3

A quality method indicating a continuous process consisting of four repeating steps and is known as ___ or ____? (PDCA)

Answer 3

DEMING CYCLE/PLAN-DO-CHECK-ACT (PDCA)

Question 4

The ongoing attention and care an organization places on security and compliance is called ___?

Answer 4

DUE DILIGENCE

Question 5

A network device or software that can analyze traffic and detect a potential intrusion based on traffic patterns is called ___?

Answer 5

INTRUSION DETECTION SYSTEM (IDS)

Question 6

A network device or software that can analyze traffic and detect a potential intrusion based on traffic patterns and can also change firewall rules in real time to prevent further damage from an attack is called ___?

Answer 6

INTRUSION PREVENTION SYSTEM (IPS)

Question 7

A shortened unique string of digits that represents a file or message is called ___?

Answer 7

MESSAGE DIGEST

Question 8

The process of implementing the security controls within the IT infrastructure is called ___?

Answer 8

SECURITY ADMINISTRATION

Question 9

1. Security administration is the process of developing an organization’s security policy.
   TRUE OR FALSE

Answer 9

FALSE

Question 10

2. What is the most important feature of PDCA?
3. PDCA was developed for security administration
4. PDCAis a Microsoft standard
5. PDCA repeats and does not end
6. PDCA was developed by Dr. Deming

Answer 10

PDCA repeats and does not end

Question 11

3. which of the following activities would a security administrator be LEAST likely to do?
4. Monitor log files
5. Deliver AUP training
6. Keep software up to date
7. Enforce physical security controls

Answer 11

Deliver AUP training

Question 12

4. If time to recover exceeds the recovery goal, which property of security have you violated?
5. Availability
6. Integrity
7. Confidentiality
8. Consistency

Answer 12

Availability

Question 13

5. Which of the following devices or software programs can detect intrusions? (Select two)
6. Firewall
7. IDS
8. IPS
9. NAT

Answer 13

IDS

IPS

Question 14

6. A valid backup is an integral part of your ___ and ___.

Answer 14

Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)

Question 15

7. Protecting both integrity and confidentiality depend largely on knowing a user’s identity.
   TRUE OR FALSE

Answer 15

TRUE

Question 16

8. A DACL is used primarily to enforce which security properties? (Select two)
9. Integrity
10. Consistency
11. Confidentiality
12. Availability

Answer 16

Integrity

Confidentiality

Question 17

9. You can use the ___ tool to ensure your Microsoft operating system is up to date and has all patches and service packs installed.

Answer 17

MBDA

Question 18

10. Active directory requires that you create multiple GPOs, one for each computer.
    TRUE OR FALSE

Answer 18

FALSE

Question 19

11. Which of the following terms is best described as a collection of requirements users must meet, typically within a specific system or environment?
12. Security policy
13. Security standard
14. Security procedure
15. Security guideline

Answer 19

Security standard

Question 20

12. Which type of Windows component would you use to define which users can create files in a folder?
13. DACL
14. NAT
15. User right
16. IPSec rule

Answer 20

DACL

Question 21

13. Which tool would you sue to edit the setting that disables user-installed desktop gadgets for all users?
14. Local Group Policy Editor
15. MBSA
16. GPMC
17. Performance Monitor

Answer 21

GPMC

Question 22

14. Microsoft provides a command line utility for creating backups on Windows Server 2008 and Windows 7.
    TRUE OR FALSE

Answer 22

TRUE