Question Details

CIS 502 Week 1 Q: Which of the following reviews and verifies that the security policy is properly implemented and the derived security solutions are adequate?
  
Security professional
  
Data custodian
  
Data owner
  
Auditor


Q: Which of the following defines a minimum level of security that must be met by every system throughout an organization?
  
Baseline
  
Classification
  
Guideline
  
Ownership

Q: Which of the following is the opposite of confidentiality that is one of the CIA elements of risk management?
  
Destruction
  
Distribution
  
Alteration
  
Disclosure

Q: Which of the following determines what users can access data?
  
Data user
  
Data custodian
  
Data owner
  
Process owner


Q: Which of the following describes the freedom from being observed, monitored, or examined without consent or knowledge?
  
Integrity
  
Privacy
  
Authentication
  
Accountability

Q: Which of the following is the process by which a subject professes an identity and accountability is initiated?
  
Validation
  
Authorization
  
Identification
  
Authentication

Q: Which of the following is a document that defines the scope of security required by an organization?
  
Operational level agreement
  
Underpinning contract
  
Service level agreement
  
Security policy


Q: Which of the following is the opposite of integrity that is one of the CIA elements of risk management?
  
Alteration
  
Disclosure
  
Distribution
  
Destruction

Q: Which of the following is the opposite of availability in terms of information security?
  
Destruction
  
Distribution
  
Alteration
  
Disclosure



Q: Which of the following verifies whether security controls are in place and working correctly?
  
Data user
  
Process owner
  
Data owner
  
Data custodian

Q: Which of the following legislations has the greatest influence on security governance?
  
Health Insurance Portability and Accountability Act
  
Gramm-Leach-Bliley Act
  
Foreign Corrupt Practices Act
  
Sarbanes-Oxley Act

Q: Which of the following legislations has the greatest influence on security governance?
  
Health Insurance Portability and Accountability Act
  
Gramm-Leach-Bliley Act
  
Foreign Corrupt Practices Act
  
Sarbanes-Oxley Act



Q: Which of the following specifies a common foundational secure state upon which all additional and stringent security measures can be established?
  
Ownership
  
Baseline
  
Classification
  
Guideline


Q: Which of the following have the main motive to formalize and stratify the process of securing data depending on assigned labels of importance and sensitivity?
  
Baselines
  
Guidelines
  
Procedures
  
Data classification schemes

Q: Which of the following is the characteristic of security?
  
Cost effective
  
Immeasurable
  
Infinite
  
Massive


Q: Who is responsible for the tasks of implementing the prescribed protection defined by the security policy and senior management?
  
Data owner
  
Auditor
  
Security professional
  
Data custodian

Q: Which of the following is the formal assignment of responsibility to an individual or group?
  
Ownership
  
Classification
  
Procedure
  
Guideline



Q: Which of the following is primarily responsible for determining the classification level for information?
  
User
  
Functional manager
  
Owner
  
Senior management


Q: Which of the following is also referred to as defense in depth?
  
Encryption
  
Layering
  
Authentication
  
Polymorphism

Q: Which of the following roles is assigned to the person who classifies information for placement and protection within the security solution?
  
Data custodian
  
Data owner
  
Auditor
  
Security professional

Q: Which of the following is typically not a characteristic considered when classifying data?
  
Size of object
  
Useful lifetime
  
National security implications
  
Value