Devry SEC 440 All Quiz Latest


Devry SEC 440 Week 2 Quiz Latest

QUIZ 2

(TCO 1) Why is it important to prepare written policies?

It lets the policies be communicated more easily.

This helps to ensure consistency.

A policy is part of the corporate culture.

It is required by law.

In: Chapter 1, page 11

Points Received: 4 of 4

Comments:

Question 2. Question :

(TCO 2) Which of the following is NOT a threat to data confidentiality?

Hackers

Encryption

Improper access controls

IN Social engineering

In: Chapter 3, page 67

Points Received: 0 of 4

Comments:

Question 3. Question :

(TCO 1) Which of the following is MOST likely to reflect the policy audience for a corporate ethics policy at Acme Manufacturing?

All Acme Manufacturing employees and all vendors and service providers

All full- and part-time employees of Acme Manufacturing and its subsidiaries

The Acme Manufacturing board of directors

The finance, human resources, and marketing departments of Acme Manufacturing

In: Chapter 2, page 45

Points Received: 0 of 4

Comments:

Question 4. Question :

(TCO 2) Which of the following are all federal regulations?

Sarbanes-Oxley, IEEE 802.11, and NIST 800-34

GLBA, HIPAA, and Sarbanes-Oxley

GLBA, HIPAA, and IEEE 802.11

GLBA, NIST 800-34, and Sarbanes-Oxley

In: Chapter 2, page 41

Comments:

Question 5. Question :

(TCO 1) When should information security policies, procedures, standards, and guidelines be revisited?

As indicated in the policy

Never; once they are written and published, they must be adhered to

Annually

When dictated by change drivers

In: Chapter 1, page 18

Points Received: 0 of 4

Comments:

Question 6. Question :

(TCO 2) What is a valid definition of data integrity?

Knowing that the data on the screen have not been tampered with

Data that are encrypted

Data that have not been accessed by unauthorized users

The knowledge that the data are transmitted in ciphertext only

In: Chapter 3, page 69

Comments:

Question 7. Question :

(TCO 1) What should be the consequences of information security policy violations?

Always up to, and including, termination

Immediate revocation of all user privileges

Commensurate with the criticality of information the policy was written to protect

Violations cited in the person’s annual performance review

In: Chapter 1, page 24

Comments:

Question 8. Question :

(TCO 2) Match the following terms to their meanings.

: Change driver » 2 : Any event that impacts culture, procedures, and activities within an organization

: Acceptable use agreement » 1 : List of actions that employees are not allowed to perform while using company-provided equipment

: Statement of authority » 3 : Introduction to the policy document

: Security policy document policy » 4 : Policy about a policy

In: Chapter 4, page 95

Comments:

Question 9. Question :

(TCO 1) Which of the following best describes how the penalties defined in the Policy Enforcement Clause should relate to the infractions?

Any infraction should result in suspension or termination.

The same penalty should apply each time an infraction occurs.

The penalty should be proportional to the level of risk incurred as a result of the infraction.

Penalties should be at the discretion of management.

In: Chapter 2, page 48

Comments:

Question 10. Question :

(TCO 2) Data integrity is

protecting the data from intentional or accidental disclosure.

making sure the data are always available when legitimately needed.

protecting the data from intentional or accidental modification.

making sure the data are always transmitted in encrypted format.

In: Chapter 3, page 69

Comments:

Question 11. Question :

(TCO 1) Which is the worst that may happen if information security policies are out of date or address technologies no longer used in the organization?

People may take the policies less seriously or dismiss them entirely.

Executive management may become upset.

The company may incur unnecessary costs to change them.

People may not know which policy applies.

In: Chapter 1, page 23

Comments:

Question 12. Question :

(TCO 2) Which of the following federal regulations pertains to the medical field?

FERPA

GLBA

HIPAA

SOX

In: Chapter 4, page 95

Comments:

Question 13. Question :

(TCO 1) In which of the following ways does understanding policy elements help you interpret your organization’s information security policies?

Awareness of policy elements helps you determine the strength of the policy and whether you should take it seriously.

If you understand policy elements, you will be able to change the policies.

Knowing the purpose and goal of each section of the policy can help you better understand the intent of the policy, as well as how the policy applies to you.

You need to know the policy elements in order to determine which parts of the policy apply to you.

Question 14. Question :

(TCO 2) Which of the following federal regulations pertains to the educational field?

FERPA

GLBA

HIPAA

SOX

Question 15. Question :

(TCO 1) Which of the following is an important function of the statement of authority?

It provides a bridge between an organization’s core values and security strategies.

It indicates who to talk to if you want to request a change in the policy.

It describes the penalties for policy infractions.

It references standards, guidelines, and procedures that the reader can consult for clarification of the policy.

Devry SEC 440 Week 4 Quiz Latest

(TCO 3) Which section of the ISO 17799 deals with asset classification?

2

3

4

5

Points Received: 4 of 4

Comments:

Question 2. Question :

(TCO 4) The age group most inclined to use an online job search is

30 to 49.

18 to 29.

50 to 64.

None of the above—33% of persons across all age groups use online job searching.

Chapter 6, page 151

Points Received: 4 of 4

Comments:

Question 3. Question :

(TCO 5) In ISO 17799, an area where assets are protected from man-made and natural harm is known as

secure area.

mantrap.

company property.

security perimeter.

Chapter 7, page 186

Points Received: 4 of 4

Comments:

Question 4. Question :

(TCO 3) When it comes to information security, what is the purpose of labeling?

Communicating the sensitivity level

Communicating the access controls

Enforcing the access controls

Auditing the access controls

Chapter 5, page 129

Points Received: 0 of 4

Comments:

Question 5. Question :

(TCO 4) A security clearance investigation does NOT involve research into a person’s

character.

reliability.

family connections.

trustworthiness.

Chapter 6, page 154

Points Received: 4 of 4

Comments:

Question 6. Question :

(TCO 5) The clear desk and clear screen policy is the way to avoid which of the following kinds of physical attacks?

Shoulder surfing

Reprinting the last document from the fax machine

Looking at papers on desks

All of the above

Chapter 7, page 201

Points Received: 4 of 4

Comments:

Question 7. Question :

(TCO 3) Information needs to be handled according to

its classification level.

the statement of authority.

the access controls set forth in the asset management policy.

IN the access controls set forth in the affirmation agreement.

Chapter 5, page 129

Points Received: 0 of 4

Comments:

Question 8. Question :

(TCO 4) Which of the following is a component of an affirmation agreement?

Statement of authority

Background check

Job description

Credit history

Chapter 6, page 160

Points Received: 4 of 4

Comments:

Question 9. Question :

(TCO 5) What is the goal of the physical entry controls policy?

Restrict the knowledge of, access to, and actions within secure areas

Require authorized users to be authenticated and visitors to be identified and labeled

Require perimeter controls as appropriate

Make sure the organization pays attention to potential environmental hazards and threats

Chapter 7, page 189

Points Received: 4 of 4

Comments:

Question 10. Question :

(TCO 3) This is known as the process of downgrading the classification level of an information asset.

Declassification

Classification review

Reclassification

Asset publication

Chapter 5, page 130

Points Received: 4 of 4

Comments:

Question 11. Question :

(TCO 4) Match each of the following with its example.

: Security education » 3 : Recertification training for the network administrator

: Security training » : A presentation on creating good passwords

: Security awareness » 1: Posters reminding users to report security breaches

Chapter 6, page 165

Points Received: 1.33 of 4

Comments:

Question 12. Question :

(TCO 5) Which of the following might the working in secure areas policy restrict from being brought into a facility?

Cameras

Recording devices

Laptop computers

All of the above

Chapter 7, page 192

Points Received: 4 of 4

Comments:

Question 13. Question :

(TCO 3) When calculating the value of an asset, which of the following is NOT a criterion?

Cost to acquire or develop asset

Cost to maintain and protect the asset

Cost to disclose the asset

Reputation

Chapter 5, page 133

Points Received: 0 of 4

Comments:

Question 14. Question :

(TCO 5) According to the equipment siting and protection policy, smoking, eating, and drinking will not be permitted

except in designated areas.

inside the security perimeter.

under any circumstances.

in areas where equipment is located.

Question 15. Question :

(TCO 3) A qualitative approach to an analysis uses

hard numbers.

statistics.

expert opinions.

general population surveys.

Chapter 5, page 137

Points Received: 4 of 4

Comments:

Devry SEC 440 Week 6 Quiz Latest

(TCO 6) An employee who fails to report a suspected security weakness

is doing his or her job.

will not be punished.

will be treated the same as if he or she had initiated a malicious act against the company.

is making sure not to aggravate the situation by making a mistake.

: 8, page 230

4 of 4

Question 2. Question :

(TCO 7) Which of the following is NOT an access control method?

MAC

RBAC

DAC

PAC

: 9, page 273

4 of 4

Question 3. Question :

(TCO 8) When is the best time to think about security when writing a new piece of code?

IN At the end, once all the modules have been written

After the users have had a chance to review the application

At the beginning of the project

After the application has been approved and authorized by the ISO

: 10, page 313

0 of 4

Question 4. Question :

(TCO 9) As it pertains to GLBA, what does NPI stand for?

Nonpublic information

Nonpublic personal information

Nonprivate information

Nonprivate personal information

: 12, page 390

4 of 4

Question 5. Question :

(TCO 6) The primary antimalware control is

an updated antivirus solution.

a firewall.

a router.

an acceptable use policy.

: 8, page 232

4 of 4

Question 6. Question :

(TCO 7) Which is the first target of a hacker who has gained access to an organization’s network?

Log files

Sensitive data

User accounts

Public data

: 9, page 276

4 of 4

Question 7. Question :

(TCO 8) Which formal security-related process should take place at the beginning of the code creation project?

Risk assessment

Input validation

Output validation

SQL injection validation

: 10, page 313

4 of 4

Question 8. Question :

(TCO 9) Who enforces the GLBA?

Eight different federal agencies and states

The FDIC

The FFIEC

The Secretary of the Treasury

: 12, page 392

4 of 4

Question 9. Question :

(TCO 6) The part of the antivirus solution that needs to be updated daily is

the DAT files.

central command.

the control panel.

the engine.

: 8, page 232

4 of 4

Question 10. Question :

(TCO 7) All users are expected to keep their password secret, unless

IN a member of the IT group asks for it.

another employee needs to log on as them.

someone identifying themselves as the ISO asks for it.

There is no “unless.”

: 9, page 281

0 of 4

Question 11. Question :

(TCO 8) If an employee uses a company-provided application system and finds what he or she thinks is a loophole that allows access to confidential data, that employee should

alert his or her manager and the ISO immediately.

verify and test the alleged loophole before alerting anyone.

not say anything unless he or she is a member of the incident response team.

alert his or her manager whenever he or she happens to have a chance to do so.

: 10, page 317

4 of 4

Question 12. Question :

(TCO 9) What do the Interagency Guidelines require every covered institution to implement?

Quarterly risk assessments

A biannual review of the disaster recovery plan

A comprehensive written information security program

A monthly inventory of all information assets

: 12, page 394

4 of 4

Question 13. Question :

(TCO 6) Grandfather-father-son is a model used for

antivirus updates.

antispyware updates.

backup strategies.

change control management strategies.

: 8, page 236

4 of 4

Question 14. Question :

(TCO 7) Which of the following is the most popular single factor authentication method?

Cameras

IN Biometric devices

Tokens

Passwords

: 9, page 281

0 of 4

Question 15. Question :

(TCO 8) Input validation is

verifying that a piece of code does not have any inherent vulnerabilities.

making sure that employees know what information to enter in a new system.

testing an application system by entering all kinds of character strings in the provided fields.

testing what information an application system returns when information is entered.

: 10, page 318

 
