FINAL EXAM: Study Guide Essay
1. Which of the following is an action that could damage an asset?
2. Which law requires all types of financial institutions to protect customers’ private financial information?
3. An AUP is part of a layered approach to security, and it supports confidentiality. What else supports confidentiality?
4. Which of the following is a detailed written definition of how software and hardware are to be used?
5. Which of the following is not a common type of data classification standard?
6. What does a lapse in a security control or policy create?
7. Which of the following is any weakness in a system that makes it possible for a threat to cause it harm?
8. Which of the following terms refers to the likelihood of exposure to danger?
9. Which type of attacker intends to be helpful?
10. Which domain is primarily affected by weak endpoint security on a VPN client?
11. Identify two phases of the access control process.
12. You log onto a network and are asked to present a combination of elements, such as user name, password, token, smart card, or biometrics.
This is an example of which of the following?
13. Which of the following is a type of authentication?
14. Identify an example of an access control formal model.
15. Which of the following access control models is based on a mathematical theory published in 1989 to ensure fair competition?
16. Which of the following are primary categories of rules that most organizations must comply with?
17. Which of the following is not a part of an ordinary IT security policy framework?
18. Which of the following helps you determine the appropriate access to classified data?
19. Which of the following refers to the management of baseline settings for a system device?
20. Identify a primary step of the SDLC.
21. Which of the following is a process to verify policy compliance?
22. When monitoring a system for anomalies, the system is measured against _.
23. Which of the following is not a type of penetration test?
24. Identify a drawback of log monitoring.
25. Which of the following is not a type of monitoring device?
26. Identify the primary components of risk management.
27. Which of the following is not a part of a quantitative risk assessment?
28. What are the primary components of business continuity management (BCM)?
29. Which of the following determines the extent of the impact that a particular incident would have on business operations over time?
30. What does risk management directly affect?
31. Which of the following is a cipher that shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A?
32. Identify a security objective that adds value to a business.
33. Which of the following is an asymmetric encryption algorithm?
34. Identify a security principle that can be satisfied with an asymmetric digital signature and not by a symmetric signature.
35. Which of the following is a mechanism for accomplishing confidentiality, integrity, authentication, and nonrepudiation?
36. In which OSI layer do you find FTP, HTTP, and other programs that end users interact with?
37. Identify the configuration that is best for networks with varying security levels, such general users, a group of users working on a secret research project, and a group of executives.
38. Which of the following would you not expect to find on a large network?
39. Which of the following is a weakness of WLANs?
40. Identify an advantage of IPv6 over IPv4.
41. Identify one of the first computer viruses to appear in the world.
42. Which of the following is not a primary type of computer attack?
43. How do worms propagate to other systems?
44. Which of the following type of program is also commonly referred to as a Trojan horse?
45. Which defense-in-depth layer involves the use of chokepoints?
46. How does a standard differ from a compliance law?
47. Which of the following is not a principle of the PCI DSS?
48. Identify the compliance law that requires adherence to the minimum necessary rule.
49. Identify the compliance law whose primary goal is to protect investors from fi nancial fraud. 50. U.S. organizations must comply with
Study Acers provides students with tutoring and help them save time, and excel in their courses. Students LOVE us!No matter what kind of essay paper you need, it is simple and secure to hire an essay writer for a price you can afford at StudyAcers. Save more time for yourself. Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more