Managing Risk

Question 1

Which item should be found in a security policy?

Acceptable use policy

Emergency exit plan

Service level agreement

Answer 1

Acceptable use policy

An acceptable use policy is a typical item found in a security policy

Question 2

Through what mechanism is a change to the IT structure initiated?

Users make a change to their environment, then report the result to the change management team.

A user requests funding for a change to upper management, then submits a requisition to the change management team to source and purchase new equipment.

Users submit a change request to the change management team.

Answer 2

Users submit a change request to the change management team.

Users submit a change request to the change management team to effect a change to an IT structure

Question 3

Users need training from the IT department to understand which of the following?

How to troubleshoot lost network connections

How to secure workstations with screen-locking and password-security techniques

How to send e-mail to the change management team

Answer 3

How to secure workstations with screen-locking and password-security techniques

Typical user training includes how to secure workstations with screen-locking and password-security techniques

Question 4

When is a memorandum of understanding used?

As part of a statement of work (SOW)

When a service level agreement (SLA) expires

When a legal contract is not appropriate

Answer 4

When a legal contract is not appropriate

A memorandum of understanding is used when a legal contract is not appropriate

Question 5

The best way to know the vulnerabilities of an IT infrastructure is to run what?

Cable certifier

Critical asset scanner

Vulnerability scanner

Answer 5

Vulnerability scanner

Run a vulnerability scanner to find weaknesses in an IT infrastructure

Question 6

What is succession planning?

Identifying personnel who can take over certain positions in response to an incident

The career path by which employees of an organization can grow through the ranks

The selection of failover servers in the event of a catastrophic server failure

Answer 6

Identifying personnel who can take over certain positions in response to an incident

Identifying personnel who can take over certain positions in response to an incident is essential in succession planning

Question 7

During and after a change to the IT infrastructure, what must be done?

New equipment must be installed.

Operating systems must be patched.

The changes must be documented.

Answer 7

The changes must be documented.

When changing an IT infrastructure, always document the changes

Question 8

What is the job of a first responder?

Investigate data on a computer suspected to contain crime evidence.

React to the notification of a computer crime.

Power off computers suspected of being used in criminal activity.

Answer 8

React to the notification of a computer crime.

A first responder reacts to the notification of a computer crime

Question 9

When working inside equipment, what should Jane do?

Ensure that the equipment is secured to the rack with four screws.

Wear a properly connected anti-ESD wrist strap.

Have a fire extinguisher nearby and review its proper use.

Answer 9

Wear a properly connected anti-ESD wrist strap.

Jane should almost always wear a properly connected anti-ESD wrist strap when working inside equipment

Question 10

The placement of a rack should optimize what?

Airflow

HVAC

MSDS

Answer 10

Airflow

Figure out the proper airflow when placing a rack