1. (TCO 6) Which section of the ISO 17799 deals with the communications and operations management standard? (Points: 4)
   - 5
   - 8
   - 4
   - 10

2. (TCO 7) Which domain of the ISO 17799:2000 is dedicated to access control? (Points: 4)
   - 8
   - 9
   - 10
   - 11

3. (TCO 8) Retroactively injecting security into existing code at the end of a development project usually results in which of the following? (Points: 4)
   - A perfectly secure application
   - Creating new vulnerabilities
   - A complete and secure review of the code
   - None of the above

4. (TCO 9) As it pertains to GLBA, what does NPI stand for? (Points: 4)
   - Nonpublic information
   - Nonpublic personal information
   - Nonprivate information
   - Nonprivate personal information

5. (TCO 6) Once an antivirus solution is installed on a machine (Points: 4)
   - that machine is safe forever.
   - that machine will not get infected.
   - that machine will not need to be monitored.
   - that antivirus solution will need to be updated regularly.

6. (TCO 7) Which of the following situations should NOT require interaction between HR and IT? (Points: 4)
   - New account creation
   - User account deletion
   - Employee termination
   - Transmission of encrypted data

7. (TCO 8) Having a third-party consultant review internally developed code is an example of (Points: 4)
   - what not to do.
   - the need-to-know principle.
   - the separation of duties principle.
   - mandatory access control.

8. (TCO 9) Who enforces the GLBA? (Points: 4)
   - Eight different federal agencies and states
   - The FDIC
   - The FFIEC
   - The Secretary of the Treasury

9. (TCO 6) Ports are to IP addresses what _____ are to phone numbers. (Points: 4)
   - extensions
   - handles
   - numeric pads
   - phone cables

10. (TCO 7) What happens when a user logs on with a special privilege account? (Points: 4)
   - All tasks performed during that session will exist under the security context of that account.
   - Only administrative tasks performed during that session will exist under the security context of that account.
   - No malicious code can infect the machine.
   - Web surfing capabilities are always suspended.

11. (TCO 8) Malicious data modification and/or tampering is an attack against (Points: 4)
   - data confidentiality.
   - data integrity.
   - data availability.
   - data accountability.

12. (TCO 9) As it pertains to GLBA, automotive dealers, check-cashing businesses, and courier services, among many others, are referred to as (Points: 4)
   - companies that provide nontraditional services.
   - companies that provide traditional services.
   - fiduciary institutions.
   - traditional lenders.

13. (TCO 6) The only way to know that a backup operation was successful before a need situation arises is to (Points: 4)
   - test it.
   - store the tapes where they won't be harmed or stolen.
   - run a live restore when a file is needed.
   - just look at the logs on the backup application.

14. (TCO 7) Who should know a user's password? (Points: 4)
   - The user's direct manager
   - No one other than the user
   - The ISO
   - The owner of the company

15. (TCO 8) Input validation is (Points: 4)
   - verifying that a piece of code does not have any inherent vulnerabilities.
   - making sure that employees know what information to enter in a new system.
   - testing an application system by entering all kinds of character strings in the provided fields.
   - testing what information an application system returns when information is entered.


