Managing Risk Flashcards

1
Q

Which item should be found in a security policy?

Acceptable use policy

Emergency exit plan

Service level agreement

A

Acceptable use policy

An acceptable use policy is a typical item found in a security policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Through what mechanism is a change to the IT structure initiated?

Users make a change to their environment, then report the result to the change management team.

A user requests funding for a change to upper management, then submits a requisition to the change management team to source and purchase new equipment.

Users submit a change request to the change management team.

A

Users submit a change request to the change management team.

Users submit a change request to the change management team to effect a change to an IT structure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Users need training from the IT department to understand which of the following?

How to troubleshoot lost network connections

How to secure workstations with screen-locking and password-security techniques

How to send e-mail to the change management team

A

How to secure workstations with screen-locking and password-security techniques

Typical user training includes how to secure workstations with screen-locking and password-security techniques

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

When is a memorandum of understanding used?

As part of a statement of work (SOW)

When a service level agreement (SLA) expires

When a legal contract is not appropriate

A

When a legal contract is not appropriate

A memorandum of understanding is used when a legal contract is not appropriate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

The best way to know the vulnerabilities of an IT infrastructure is to run what?

Cable certifier

Critical asset scanner

Vulnerability scanner

A

Vulnerability scanner

Run a vulnerability scanner to find weaknesses in an IT infrastructure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is succession planning?

Identifying personnel who can take over certain positions in response to an incident

The career path by which employees of an organization can grow through the ranks

The selection of failover servers in the event of a catastrophic server failure

A

Identifying personnel who can take over certain positions in response to an incident

Identifying personnel who can take over certain positions in response to an incident is essential in succession planning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

During and after a change to the IT infrastructure, what must be done?

New equipment must be installed.

Operating systems must be patched.

The changes must be documented.

A

The changes must be documented.

When changing an IT infrastructure, always document the changes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the job of a first responder?

Investigate data on a computer suspected to contain crime evidence.

React to the notification of a computer crime.

Power off computers suspected of being used in criminal activity.

A

React to the notification of a computer crime.

A first responder reacts to the notification of a computer crime

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

When working inside equipment, what should Jane do?

Ensure that the equipment is secured to the rack with four screws.

Wear a properly connected anti-ESD wrist strap.

Have a fire extinguisher nearby and review its proper use.

A

Wear a properly connected anti-ESD wrist strap.

Jane should almost always wear a properly connected anti-ESD wrist strap when working inside equipment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

The placement of a rack should optimize what?

Airflow

HVAC

MSDS

A

Airflow

Figure out the proper airflow when placing a rack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly