SEC 440 DeVry Complete Quiz Package





SEC 440 DeVry Week 2 Quiz Latest

Question 1. Question: (TCO 1) Why is it important to prepare written policies?

  • It lets the policies be communicated more easily.
  • This helps to ensure consistency.
  • A policy is part of the corporate culture.
  • It is required by law.

Question 2. Question: (TCO 2) Which of the following is NOT a threat to data confidentiality?

  • Hackers
  • Encryption
  • Improper access controls
  • Social engineering

Question 3. Question : (TCO 1) Which of the following is MOST likely to reflect the policy audience for a corporate ethics policy at Acme Manufacturing?

  • All Acme Manufacturing employees and all vendors and service providers
  • All full- and part-time employees of Acme Manufacturing and its subsidiaries
  • The Acme Manufacturing board of directors
  • The finance, human resources, and marketing departments of Acme Manufacturing

Question 4. Question : (TCO 2) Which of the following are all federal regulations?

  • Sarbanes-Oxley, IEEE 802.11, and NIST 800-34
  • GLBA, HIPAA, and Sarbanes-Oxley
  • GLBA, HIPAA, and IEEE 802.11
  • GLBA, NIST 800-34, and Sarbanes-Oxley

Question 5. Question : (TCO 1) When should information security policies, procedures, standards, and guidelines be revisited?

  • As indicated in the policy
  • Never; once they are written and published, they must be adhered to
  • Annually
  • When dictated by change drivers

Question 6. Question : (TCO 2) What is a valid definition of data integrity?

  • Knowing that the data on the screen have not been tampered with
  • Data that are encrypted
  • Data that have not been accessed by unauthorized users
  • The knowledge that the data are transmitted in cipher text only

Question 7. Question : (TCO 1) What should be the consequences of information security policy violations?

  • Always up to, and including, termination
  • Immediate revocation of all user privileges
  • Commensurate with the criticality of information the policy was written to protect
  • Violations cited in the person’s annual performance review

Question 8. Question : (TCO 2) Match the following terms to their meanings.

: Change driver » 2 : Any event that impacts culture, procedures, and activities within an organization

: Acceptable use agreement » 1 : List of actions that employees are not allowed to perform while using company-provided equipment

: Statement of authority » 3 : introduction to the policy document

: Security policy document policy » 4 : Policy about a policy

Question 9. Question : (TCO 1) Which of the following best describes how the penalties defined in the Policy Enforcement Clause should relate to the infractions?

  • Any infraction should result in suspension or termination.
  • The same penalty should apply each time an infraction occurs.
  • The penalty should be proportional to the level of risk incurred as a result of the infraction.
  • Penalties should be at the discretion of management.

Question 10. Question : (TCO 2) Data integrity is

  • protecting the data from intentional or accidental disclosure.
  • making sure the data are always available when legitimately needed.
  • protecting the data from intentional or accidental modification.
  • making sure the data are always transmitted in encrypted format.

Question 11. Question : (TCO 1) Which is the worst that may happen if information security policies are out of date or address technologies no longer used in the organization?

  • People may take the policies less seriously or dismiss them entirely.
  • Executive management may become upset.
  • The company may incur unnecessary costs to change them.
  • People may not know which policy applies.

Question 12. Question : (TCO 2) Which of the following federal regulations pertains to the medical field?

  • GLBA
  • SOX

Question 13. Question : (TCO 1) In which of the following ways does understanding policy elements help you interpret your organization’s information security policies?

  • Awareness of policy elements helps you determine the strength of the policy and whether you should take it seriously.
  • If you understand policy elements, you will be able to change the policies.
  • Knowing the purpose and goal of each section of the policy can help you better understand the intent of the policy, as well as how the policy applies to you.
  • You need to know the policy elements in order to determine which parts of the policy apply to you.

Question 14. Question : (TCO 2) Which of the following federal regulations pertains to the educational field?

  • GLBA
  • SOX

Question 15. Question : (TCO 1) Which of the following is an important function of the statement of authority?

  • It provides a bridge between an organization’s core values and security strategies.
  • It indicates who to talk to if you want to request a change in the policy.
  • It describes the penalties for policy infractions.
  • It references standards, guidelines, and procedures that the reader can consult for clarification of the policy.

SEC 440 DeVry Week 4 Quiz Latest

Question 1. Question : (TCO 3) Which section of the ISO 17799 deals with asset classification?

  • 2
  • 3
  • 4
  • 5

Question 2. Question : (TCO 4) The age group most inclined to use an online job search is

  • 30 to 49.
  • 18 to 29.
  • 50 to 64.
  • None of the above

Question 3. Question : (TCO 5) In ISO 17799, an area where assets are protected from man-made and natural harm is known as

  • secure area.
  • mantrap.
  • company property.
  • security perimeter.

Question 4. Question : (TCO 3) When it comes to information security, what is the purpose of labeling?

  • Communicating the sensitivity level
  • Communicating the access controls
  • Enforcing the access controls
  • Auditing the access controls

Question 5. Question : (TCO 4) A security clearance investigation does NOT involve research into a person’s

  • character.
  • reliability.
  • family connections.
  • trustworthiness.

Question 6. Question : (TCO 5) The clear desk and clear screen policy is the way to avoid which of the following kinds of physical attacks?

  • Shoulder surfing
  • Reprinting the last document from the fax machine
  • Looking at papers on desks
  • All of the above

Question 7. Question : (TCO 3) Information needs to be handled according to

  • its classification level.
  • the statement of authority.
  • the access controls set forth in the asset management policy.
  • the access controls set forth in the affirmation agreement.

Question 8. Question : (TCO 4) Which of the following is a component of an affirmation agreement?

  • Statement of authority
  • Background check
  • Job description
  • Credit history

Question 9. Question : (TCO 5) What is the goal of the physical entry controls policy?

  • Restrict the knowledge of, access to, and actions within secure areas
  • Require authorized users to be authenticated and visitors to be identified and labeled
  • Require perimeter controls as appropriate
  • Make sure the organization pays attention to potential environmental hazards and threats

Question 10. Question : (TCO 3) This is known as the process of downgrading the classification level of an information asset.

  • Declassification
  • Classification review
  • Reclassification
  • Asset publication

Question 11. Question : (TCO 4) Match each of the following with its example.

: Security education » 3 : Recertification training for the network administrator

: Security training » : A presentation on creating good passwords

: Security awareness » 1: Posters reminding users to report security breaches

Question 12. Question : (TCO 5) Which of the following might the working in secure areas policy restrict from being brought into a facility?

  • Cameras
  • Recording devices
  • Laptop computers
  • All of the above

Question 13. Question : (TCO 3) When calculating the value of an asset, which of the following is NOT a criterion?

  • Cost to acquire or develop asset
  • Cost to maintain and protect the asset
  • Cost to disclose the asset
  • Reputation

Question 14. Question : (TCO 5) According to the equipment siting and protection policy, smoking, eating, and drinking will not be permitted

  • except in designated areas.
  • inside the security perimeter.
  • under any circumstances.
  • in areas where equipment is located.

Question 15. Question : (TCO 3) A qualitative approach to an analysis uses

  • hard numbers.
  • statistics.
  • expert opinions.
  • general population surveys.

SEC 440 DeVry Week 6 Quiz Latest

Question 1. Question : (TCO 6) An employee who fails to report a suspected security weakness

  • is doing his or her job.
  • will not be punished.
  • will be treated the same as if he or she had initiated a malicious act against the company.
  • is making sure not to aggravate the situation by making a mistake.

Question 2. Question : (TCO 7) Which of the following is NOT an access control method?

  • MAC
  • RBAC
  • DAC
  • PAC

Question 3. Question : (TCO 8) When is the best time to think about security when writing a new piece of code?

  • At the end, once all the modules have been written
  • After the users have had a chance to review the application
  • At the beginning of the project
  • After the application has been approved and authorized by the ISO

Question 4. Question : (TCO 9) As it pertains to GLBA, what does NPI stand for?

  • Nonpublic information
  • Nonpublic personal information
  • Nonprivate information
  • Nonprivate personal information

Question 5. Question : (TCO 6) The primary antimalware control is

  • an updated antivirus solution.
  • a firewall.
  • a router.
  • an acceptable use policy.

Question 6. Question : (TCO 7) Which is the first target of a hacker who has gained access to an organization’s network?

  • Log files
  • Sensitive data
  • User accounts
  • Public data

Question 7. Question : (TCO 8) Which formal security-related process should take place at the beginning of the code creation project?

  • Risk assessment
  • Input validation
  • Output validation
  • SQL injection validation

Question 8. Question : (TCO 9) Who enforces the GLBA?

  • Eight different federal agencies and states
  • The FDIC
  • The FFIEC
  • The Secretary of the Treasury

Question 9. Question : (TCO 6) The part of the antivirus solution that needs to be updated daily is

  • the DAT files.
  • central command.
  • the control panel.
  • the engine.

Question 10. Question : (TCO 7) All users are expected to keep their password secret, unless

  • a member of the IT group asks for it.
  • another employee needs to log on as them.
  • someone identifying themselves as the ISO asks for it.
  • There is no “unless.”

Question 11. Question : (TCO 8) If an employee uses a company-provided application system and finds what he or she thinks is a loophole that allows access to confidential data, that employee should

  • alert his or her manager and the ISO immediately.
  • verify and test the alleged loophole before alerting anyone.
  • not say anything unless he or she is a member of the incident response team.
  • alert his or her manager whenever he or she happens to have a chance to do so.

Question 12. Question : (TCO 9) What do the Interagency Guidelines require every covered institution to implement?

  • Quarterly risk assessments
  • A biannual review of the disaster recovery plan
  • A comprehensive written information security program
  • A monthly inventory of all information assets

Question 13. Question : (TCO 6) Grandfather-father-son is a model used for

  • antivirus updates.
  • antispyware updates.
  • backup strategies.
  • change control management strategies.

Question 14. Question : (TCO 7) Which of the following is the most popular single factor authentication method?

  • Cameras
  • Biometric devices
  • Tokens
  • Passwords

Question 15. Question : (TCO 8) Input validation is

  • verifying that a piece of code does not have any inherent vulnerabilities.
  • making sure that employees know what information to enter in a new system.
  • testing an application system by entering all kinds of character strings in the provided fields.
  • testing what information an application system returns when information is entered.