Quiz 15 Flashcards
Which of the following is a basic measure of reliability for systems that cannot be repaired?
mean time to failure
mean time to operate
failure in time
mean time to recovery
mean time to failure
Which threat category impacts the daily business of the organization?
compliance
managerial
operational
strategic
operational
What type of learner tends to sit in the middle of the class and learns best through lectures and discussions?
kinesthetic
visual
spatial
auditory
auditory
The classification designation of government documents is typically Top Secret, Secret, Unusual, Confidential, and Unclassified.
True
False
False
What specific type of mechanism should be utilized by all types of training to provide input from participants on the training’s effectiveness so that any needed modifications can be made for future training?
participant feedback mechanism
training mechanism
feedback mechanism
survey feedback mechanism
feedback mechanism
What type of risk calculation uses an “educated guess” based on observation?
qualitative risk calculation
environmental risk calculation
quantitative risk calculation
observational risk calculation
qualitative risk calculation
Risk avoidance involves identifying the risk and making the decision to engage in the activity.
True
False
False
Select the specific type of interview that is usually conducted when an employee leaves the company.
last interview
exit interview
post interview
initial interview
exit interview
Which term below describes the art of helping an adult learn?
metagogical
deontological
andragogical
pedagogical
andragogical
The FIT calculation is another way of reporting MTTF.
True
False
False
What term can be described as a function of threats, consequences of those threats, and the resulting vulnerabilities?
management
risk
threat
mitigation
risk
What type of control is designed to provide an alternative to normal controls that for some reason cannot be used?
detective control
deterrent control
compensating control
preventive control
compensating control
Distributive allocation refers to “eliminating” the risk.
True
False
False
What kind of policy defines the actions users may perform while accessing systems and networking equipment?
privacy use policy
VPN access policy
acceptable use policy
network use policy
acceptable use policy
A physical control attempts to discourage security violations before they occur.
True
False
False
A subject’s privilege over an object should follow the principle of least privilege.
True
False
True
Which of the following refers to the start-up relationship between partners?
partner beginning
starting partner agreement
partner on-boarding
partner trust
partner on-boarding
Generally considered to be the most important information security policies, what item below defines the actions a user may perform while accessing systems and networking equipment?
encryption policies
acceptable use policies
data loss policies
VPN policies
acceptable use policies
What describes an agreement between two or more parties and demonstrates a “convergence of will” between the parties so that they can work together?
ISA
MOU
BPA
NDA
MOU
Vendor-specific guides are useful for configuring web servers, operating systems, application servers, and network infrastructure devices.
True
False
True
Select the option that best describes an asset:
any item that has a positive economic value
any item that is owned by an enterprise
any item that is used by management
any item that is used by all employees
any item that has a positive economic value
What can be defined as the planning, coordination, and communications functions that are needed to resolve an incident in an efficient manner?
incident reporting
incident planning
incident handling
incident management
incident handling
What control is designed to identify any threat that has reached the system?
deterrent control
preventive control
compensating control
detective control
detective control
What type of learner learns best through hands-on approaches?
auditory
kinesthetic
spatial
visual
kinesthetic