It255 Final Exam Study Guide

It255 Final Exam Study Guide

  • Submitted By: rookseven
  • Date Submitted: 11/22/2013 4:40 PM
  • Category: Technology
  • Words: 1473
  • Page: 6
  • Views: 12

Final Exam Study Guide
1. Which of the following is an action that could damage an asset?
a. Risk
b. Threat
c. Data transfer
d. Information assessment
Reference: p6

2. Which law requires all types of financial institutions to protect customers’ private financial information?
a. GLBA
b. SOX
c. FISMA
d. CIPA
Reference: p9

3. An AUP is part of a layered approach to security, and it supports confidentiality. What else supports confidentiality?
a. Threat monitoring
b. Vulnerability assessments
c. Data classification standards
d. Security awareness policies
Reference: p14

4. Which of the following is a detailed written definition of how software and hardware are to be used?
a. Policy
b. Standard
c. Procedure
d. Guideline
Reference: p40
5. Which of the following is not a common type of data classification standard?
a. Guideline
b. Top secret
c. Internal use only
d. Private data
Reference: p42

6. What does a lapse in a security control or policy create?
a. Policy violation
b. Penetration testing
c. Risk mitigation
d. Security gap
Reference: p133

7. Which of the following is any weakness in a system that makes it possible for a threat to cause it harm?
a. Risk
b. Backdoor
c. Vulnerability
d. Exploit
Reference: p96

8. Which of the following terms refers to the likelihood of exposure to danger?
a. Threat
b. Risk
c. Vulnerability
d. Mitigation
Reference: p119, 121

9. Which type of attacker intends to be helpful?
a. Gray-hat hacker
b. Black-hat hacker
c. Script kiddie
d. White-hat hacker
Reference: p88

10. Which domain is primarily affected by weak endpoint security on a VPN client?
a. Remote Access Domain
b. LAN Domain
c. Workstation Domain
d. Systems/Applications Domain
Reference: p97-98

11. Identify two phases of the access control process.
a. Identification and authorization
b. Policy definition and policy enforcement
c. Knowledge and...

Similar Essays