Quiz 13 Flashcards
Survivable Network Analysis begins with what assumption?
Question 1 options:
that an effective security policy can reduce risks to zero
that your network will be attacked
that the probability of threats is increasing constantly
that you have laid the groundwork for a risk analysis
that your network will be attacked
To determine the value of hardware and software you need to protect, which of the
following approaches is easiest to use?
Question 2 options:
keeping records of purchase costs
interviewing support personnel
using your experience and expertise
getting the most recent prices online
interviewing support personnel
When should an organization conduct a new round of risk analysis?
Question 3 options:
every three months
when equipment or staff change significantly
as frequently as possible
every month
when equipment or staff change significantly
A risk analysis report should call attention to .
Question 4 options:
the newest risks
the most urgent risks
the risks that are easiest to manage
all identified risks
all identified risks
The ultimate goal of a security policy is which of the following?
Question 5 options:
none of the above
reducing the risks to zero
convincing management that the IT budget should be increased
doing it right the first time so the policy does not have to be rewritten constantly
none of the above
What are the hardware, software, and informational resources you need to protect?
Question 6 options:
threats
tangibles
assets
business holdings
assets
nsuring that databases remain accessible if primary systems go offline is known
as .
Question 7 options:
fault tolerance
resiliency
failover
redundancy
fault tolerance
Which of the following technologies helps protect sensitive data even after it has been
stolen from a secured medium?
Question 8 options:
virus protection
encryption
authentication
Spybot
encryption
Which of the following sections of a security policy affects the most people in an
organization?
Question 9 options:
incident handling policy
acceptable use policy
privileged access policy
remote access policy
acceptable use policy
What is an escalation procedure? (Choose all that apply.)
Question 10 options:
A) It identifies employees who should be involved in the response.
B) It describes how network security can be improved in stages.
C) It describes how a virus can multiply and affect more assets.
D) It describes different levels of response based on incident severity.
It describes different levels of response based on incident severity.
It identifies employees who should be involved in the response.
Which of the following, if worded correctly, can protect companies from wrongful
termination lawsuits?
Question 11 options:
penalty clauses
nondisclosure clauses
acceptable use policies
punitive clauses
penalty clauses
A password policy might specify which of the following attributes for password selection?
Question 12 options:
length requirements
frequency for changing passwords
all of the above
complexity requirements
all of the above
Which of the following provides employees with formal instructions about the
organization’s security strategy?
Question 13 options:
risk assessment
acceptable use policy
security user awareness program
strategy meeting
security user awareness program
If organizations have employees who connect remotely, which of the following security
concerns should be considered?
Question 14 options:
all of the above
the possibility of mobile devices being stolen
the use of updated, effective antivirus and firewall software on mobile devices or home systems that connect to the network
virus infections spreading from home and mobile systems to corporate system
all of the above
A password policy should be established in the and enforced by
whenever possible.
Question 15 options:
company employee handbook, security guards
company Web site, network administrators
risk assessment process, management
security policy, software
security policy, software
