Quiz 6 Flashcards

Planning and Implementing Information Security

1
Q

What is a key process in the ‘Prepare’ phase of security planning?

Assessing the type of CISO needed

Performing a security audit

Conducting a SWOT analysis

Implementing security measures

A

Assessing the type of CISO needed

2
Q

Which of the following is a common threat to information security?

Insider data leak

Asset inventory

Stakeholder engagement

Strong data encryption

A

Insider data leak

3
Q

What does the ‘SWOT’ in SWOT analysis stand for?

Strengths, Weaknesses, Outcomes, Techniques

Systems, Weaknesses, Opportunities, Technologies

Strategy, Weaknesses, Optimization, Threats

Strengths, Weaknesses, Opportunities, Threats

A

Strengths, Weaknesses, Opportunities, Threats

4
Q

What is the primary purpose of the SETA program?

To reduce accidental security breaches

To monitor external threats

To increase network performance

To develop security policies

A

To reduce accidental security breaches

5
Q

What is one of the disadvantages of involving law enforcement in a security incident?

They are not equipped to handle evidence

The organization may lose control over the case

They lack expertise in obtaining witness statements

They cannot provide legal warrants

A

The organization may lose control over the case

6
Q

Which of the following best describes the relationship between CVE and NVD?

NVD identifies vulnerabilities, and CVE provides severity scores for those vulnerabilities

CVE and NVD are the same, both serving as a database for vulnerability patching

CVE lists vulnerabilities with unique identifiers, and NVD provides enhanced information such as severity scores and impact metrics

CVE provides a detailed analysis of each vulnerability, while NVD assigns vulnerability scores based on the analysis

A

CVE lists vulnerabilities with unique identifiers, and NVD provides enhanced information such as severity scores and impact metrics

7
Q

Which of the following is a key control strategy to protect information assets?

Hiring only temporary employees

Separation of duties

Eliminating job rotations

Allowing employees full autonomy in their roles

A

Separation of duties

8
Q

What is a critical step to reducing unauthorized access to business systems?

Tokenizing all outgoing communications

Increasing the number of employees in the IT department

Using basic password protection for all accounts

Implementing multi-factor authentication

A

Implementing multi-factor authentication

9
Q

Match the term with its correct definition.

Policy

Standard

Guideline

A

Policy: “A general course of action used by an organization to influence decisions and actions.”
Standard: “A set of detailed statements that specify what must be done to comply with the policy.”
Guideline: “Recommendations on how to comply with policies and standards, providing flexibility in implementation.”

10
Q

Icelandic police authorities have not found it easy to contact the representatives of “Withheld for Privacy” when issues have arisen.

True

False

A

True
