DeVry SEC 578 Week 8 Final Exam Latest




Week 8 final exam

Question 1. 1. (TCO A) What are the goals of information security? (Points : 5)

Administrative, technical, and physical

Confidentiality, accountability, and integrity

Confidentiality, integrity, and accountability

Technical, integrity, and administrative

Confidentiality, integrity, and availability

Question 2. 2. (TCO A) Security controls protect ______. (Points : 5)




computers and networks

All of the above

Question 3. 3. (TCO B) Due care is used as a test to determine whether management has taken precautions that are ______. (Points : 5)






Question 4. 4. (TCO B) Regulations that enforce compliance, including SOX, FERPA, FISMA, and GLB, require protection of ______. (Points : 5)



types of information

personal privacy

computer systems

Question 5. 5. (TCO C) What is a privilege? (Points : 5)

The authority to use an information asset in a particular way

The ability to use an information asset in a particular way

The right to use an information asset in a particular way

The means to use an information asset in a particular way

None of the above

Question 6. 6. (TCO C) Access control can be based on ______. (Points : 5)



message routes

time of day

All of the above

Question 7. 7. (TCO D) Physical controls for electromagnetic emanations are called what? (Points : 5)





None of the above

Question 8. 8. (TCO E) What threats are most likely to compromise CIA safeguards? (Points : 5)


Malicious codes



External hackers

Question 9. 9. (TCO E) What is the name of the phenomenon in which two pieces of information are nonsensitive in isolation but when combined produce highly sensitive information? (Points : 5)




High-water mark

None of the above

Question 10. 10. (TCO F) Adversaries may be ______. (Points : 5)



news reporters

thrill seekers

All of the above

Page 2

Question 1. 1. (TCO A) Identify the phases of the Computer System Life Cycle and briefly define at least one role of the CSPM in each phase. (Points : 10)

Question 2. 2. (TCO C) What are the vulnerabilities that (1) confidentiality controls, (2) integrity controls, and (3) availability controls protect information assets against? (Points : 10)

Question 3. 3. (TCO B) If the CSPM finds that his or her company has information that needs protection according to company policy (that is, it is considered proprietary company information), but there is no external law, order, or rule that requires protection of that kind of information, how should the CSPM proceed? (Points : 10)

Question 4. 4. (TCO D) Many CSPMs would argue that CCTV should be installed in storage rooms, wiring closets, and other nonpublic areas of buildings; other CSPMs would argue that those are low-frequency access areas and do not need CCTV. How should such a decision whether to install CCTV in such nonpublic areas be made? Who should make the final decision? (Points : 10)

Question 5. 5. (TCO E) What is the single most likely event that will compromise the confidentiality, integrity, or availability of information assets? Briefly explain why you have chosen your answer. (Points : 10)

Question 6. 6. (TCO F) Explain briefly why privileged users are of concern to the CSPM. (Points : 10)

Page 3

Question 1. 1. (TCO A) Explain why understanding globalism is an important aspect of modern business and why it is also an increasingly important aspect of modern information security. Discuss at least competitive advantage as well as supply-chain issues and legal issues. (Points : 15)

Question 2. 2. (TCO B) Analyze why administrative controls should be documented. (Points : 15)

Question 3. 3. (TCO C) Explain the idea of situation awareness and identify at least five elements that should be part of situation awareness for a wide area network (WAN) environment. (Points : 15)

Question 4. 4. (TCO C) We have looked at compliance legislation for several kinds of information (e.g., health, financial, educational) and have also reviewed requirements for protection of particular kinds of information such as intellectual property (trade secrets, patents, copyrights). Most companies store, process, and handle all of these kinds of information. The number of different compliance statutes written by federal, state, local, and tribal governments and of specialty protection requirements issued by independent commissions (such as riverboat gambling commissions) continues to increase. A CSPM may have to deal with several of these laws or rules. Assuming that the CSPM has identified the rules and laws that apply to his company, how can the CSPM ensure that system controls are sufficient to satisfy all of them? (Points : 15)

Question 5. 5. (TCO D) Evaluate advantages of deploying closed-circuit television (CCTV) in a waiting room. (Points : 15)

Question 6. 6. (TCO E) The SOC was established to measure readiness. However, some components of a computer and network system are more critical for readiness than others. Let’s say that there are three levels of criticality for system components: mission critical, mission essential, and support. Using what you have learned about calculating the security category for information, devise a similar scheme for categorizing computer and network system components for readiness. (Points : 15)
