Sample Test Questions Domain 1 Flashcards
A ___ type of policy ensures that the organization is following standards set by specific industry regulations. It is very detailed and specific to a type of industry. It is used in financial institutions, healthcare facilities, public utilities, and other government-regulated industries
Regulatory
An ___ type of policy informs employees of certain topics. It is not an enforceable policy, but rather one that teaches individuals about specific issues relevant to the company. It could explain how the company interacts with partners, indicate the company’s goals and mission, and provide a general reporting structure in different situations
Informative
An ___ type of policy strongly advises employees as to which types of behaviors and activities should and should not take place within the organization. It also outlines possible ramifications if employees do not comply with the established behaviors and activities. This policy type can be used, for example, to describe how to handle medical information, how to handle financial transactions, or how to process confidential information
Advisory
___ is the de facto standard of best practices for IT service management
Information Technology Infrastructure Library (ITIL)
___ is a process improvement approach that is used to help organizations improve their performance
Capability Maturity Model Integration (CMMI)
The ___ is a U.S. copyright law that criminalizes the production and dissemination of technology, devices, or services that circumvent access control measures that are put into place to protect copyrighted material
Digital Millennium Copyright Act (DMCA)
The ___ is the coordinating committee for Internet design, engineering, and management. It is responsible for the architectural oversight of Internet Engineering Task Force (IETF) activities and for Internet Standards Process oversight and appeal, and it acts as editor of Requests for Comments (RFCs)
Internet Architecture Board (IAB)
The ___ Convention on Cybercrime is one example of an attempt to create a standard international response to cybercrime
Council of Europe (CoE)
The principles of using and transmitting information considered private in nature and how they are to be followed are encompassed within the EU’s ___
Data Protection Directive
The ___ requirements were created to harmonize the data privacy practices of the United States with the European Union’s stricter privacy controls and to prevent accidental information disclosure and loss
Safe Harbor
___ is a vendor-neutral platform for developing and implementing enterprise architectures. It is meant to reduce fragmentation that occurs due to misalignment of traditional IT systems and actual business processes
The Open Group Architecture Framework (TOGAF)
The fundamental approach of ITIL lies in the creation of ___, which focuses on the overall planning of the intended IT services
Service Strategy