
Question 1

1 out of 1 points A job description should NOT provide which of the following types of information? Answer Selected Answer: Systems and software used for security

Question 2
1 out of 1 points The age group most inclined to use an online job search is Answer Selected Answer: 18 to 29

Question 3
1 out of 1 points Which of the following are types of background checks? Answer Selected Answer: All of these

Question 4
1 out of 1 points Which of the following is NOT a type of employee agreement? Answer Selected Answer: Certification maintenance agreement

Question 5

1 out of 1 points An information security affirmation agreement would be likely to cover the use of Answer Selected Answer: email

Question 6
1 out of 1 points A(n) ________ should never be allowed to tour the facility. Answer Selected Answer: job candidate

Question 7
3 out of 3 points Match each type of employee agreement with its description. Answer Selected Match:
Acceptable use agreement: B. Focuses on proper use of information systems
Employee information security affirmation agreement: A. Teaches the importance of security and instills organizational values
Confidentiality agreement: C. Protects against unauthorized disclosure of information

Question 8
0 out of 3 points Match each of the following with its example. Answer Selected Match:
Security awareness: C. posters reminding users to report security breaches
Security training: A. recertification training for the network administrator
Security education: B. a presentation on creating good passwords

Question 1
1 out of 1 points What does "UPS" stand for? Answer Selected Answer: Uninterruptible Power Supply

Question 2
1 out of 1 points In ISO 17799, an area where assets are protected from man-made and natural harm is known as: Answer Selected Answer: Secure area

Question 3
1 out of 1 points The Clear Desk and Clear Screen Policy is the way to avoid which of the following kinds of physical attacks? Answer Selected Answer: All of these

Question 4
1 out of 1 points What is the goal of the Physical Entry Controls Policy? Answer Selected Answer: Require authorized users to be authenticated, and visitors to be identified, labeled, and authorized

Question 5
1 out of 1 points What is the purpose of a Working in Secure Areas Policy? Answer Selected Answer: Protect information assets to prevent unauthorized access or damage to secure areas

Question 6
1 out of 1 points How are the controls called for by the Working in Secure Areas Policy considered in relation to any other physical controls? Answer Selected Answer: They are considered additional to any other physical controls

Question 7
1 out of 1 points According to the Equipment Siting and Protection Policy, smoking, eating, and drinking will not be permitted: Answer Selected Answer: In areas where equipment is located

Question 8
1 out of 1 points Why is it sometimes better to isolate critical equipment than it is to apply additional protective measures in order to protect against exposure to greater hazards or risks from unauthorized access? Answer Selected Answer: It can be less costly

Question 9
1 out of 1 points A ________ is a perimeter security control comprised of a series of two or more sets of doors designed so that one set cannot be opened until the other is closed, and both can be locked to trap an intruder. Answer Selected Answer: man trap

Question 10
3 out of 3 points Match the following terms to their meanings. Answer Selected Match:
Brownout: B. Period of low voltage
Blackout: A. Interruption/failure of power
Power surge: C. Increase in the voltage

Question 1
0 out of 1 points Who should review suspected security weaknesses? Answer Selected Answer: The ISO Correct Answer: Authorized personnel only

Question 2
1 out of 1 points Anti-malware prevention controls will Answer Selected Answer: Stop malicious code from infecting a computer Correct Answer: Stop malicious code from infecting a computer

Question 3
1 out of 1 points The part of the anti-virus solution that needs to be updated daily is Answer Selected Answer: The DAT files Correct Answer: The DAT files

Question 4
1 out of 1 points How many weekly tapes are needed in a Grandfather-father-son backup model? Answer Selected Answer: 5 Correct Answer: 5

Question 5
1 out of 1 points Once tapes are not used to back up data they should be Answer Selected Answer: Sent offsite Correct Answer: Sent offsite

Question 6
0 out of 1 points When should a list of all media used in the company be created? Answer Selected Answer: During a threat assessment Correct Answer: During a risk assessment

Question 7
0 out of 1 points Which of the following is true about penetration testing? Answer Selected Answer: It should happen on a monthly basis Correct Answer: Any business with publicly-available systems should schedule them

Question 8
3 out of 3 points Match the following change control process steps and their order. Answer
Logging changes: Correct Match A. second step; Selected Match A. second step
Communication: Correct Match B. third step; Selected Match B. third step
Assessment: Correct Match C. first step; Selected Match C. first step

Question 9
4 out of 4 points Match the following malware types with their characteristics. Answer
Trojan horse: Correct Match B. malware that masquerades as a benign application; Selected Match B. malware that masquerades as a benign application
Worm: Correct Match A. malware that self-replicates and targets a known vulnerability; Selected Match A. malware that self-replicates and targets a known vulnerability
Logic bomb: Correct Match C. malware that lies dormant until a pre-determined condition is met; Selected Match C. malware that lies dormant until a pre-determined condition is met
Virus: Correct Match D. malware that requires a host to replicate itself; Selected Match D. malware that requires a host to replicate itself

Question 10
1 out of 1 points A RAT is Answer Selected Answer: A piece of malicious code that allows remote access to the infected machine Correct Answer: A piece of malicious code that allows remote access to the infected machine

Question 11
1 out of 1 points Which of the following CANNOT be considered portable storage devices? Answer Selected Answer: None of these Correct Answer: None of these

Question 12
1 out of 1 points Any courier can be used to transport company media as long as Answer Selected Answer: They have been authorized by the ISO Correct Answer: They have been authorized by the ISO

Question 1
1 out of 1 points Which of the following provide a way and place to process, store, transmit, and communicate information? Answer Selected Answer: Information systems

Question 2
1 out of 1 points Which data classification method is used by the US military? Answer Selected Answer: MAC

Question 3
1 out of 1 points Information labels should be Answer Selected Answer: universally understandable

Question 4
1 out of 1 points Who is directly responsible for defining information asset protection? Answer Selected Answer: The Information Owner

Question 5
1 out of 1 points Who is directly responsible for implementing information asset protection controls? Answer Selected Answer: The Information Custodian

Question 6
1 out of 1 points Hardware assets are Answer Selected Answer: tangible pieces of equipment

Question 7
1 out of 1 points Which of the following is NOT an example of a software asset? Answer Selected Answer: Wireless access point

Question 8
1 out of 1 points Criticality ________ provide a company with the basis on which to prioritize and allocate resources. Answer Selected Answer: rating

Question 9
1 out of 1 points If the classification level of an asset must be upgraded, it is a process known as ________. Answer Selected Answer: reclassification

Question 10
1 out of 1 points Commercial asset classification model: match the level with the definition. Answer Selected Match:
Restricted: B. Business-centric information to be used internally only
Sensitive: A. Sometimes referred to as "personal" or "privileged"
Public: C. Information that does not require protection
Confidential: D. Meant to be kept secret and restricted to only a small circle of employees

Question 11
3 out of 3 points You have been tasked with creating an inventory system in a computer lab. List five characteristics for software and hardware assets in the lab that you will use to identify each asset. Answer Selected Answer: Date of Last Access, Model Number, Room Location, Purchase Date, Product Name
