computer information security w8

QUESTION 1

  1. The ______, consists of a list of major tasks and attributes, as well as smaller tasks or specific action steps under each major task.

4 points  

QUESTION 2

  1. What is the range for well-known ports in the TCP/IP protocol suite?

    A.

    B.

    C.

    D.

4 points  

QUESTION 3

  1. Which two steps within the Risk Management Framework replaced the C&A approach?

    A.

    B.

    C.

    D.

4 points  

QUESTION 4

  1. The ______ of a threat is the overall rating, or numerical value, of the probability that a specific vulnerability will be exploited.

4 points  

QUESTION 5

  1. True or False: Asset valuation is the process of assigning financial value or worth to each information asset.

4 points  

QUESTION 6

  1. A ______ lists activities on a vertical axis, with the horizontal axis representing a time line.

4 points  

QUESTION 7

  1. After plaintext messages have been encrypted, the encrypted text is known as ______.

4 points  

QUESTION 8

  1. The ______ is used to declare the intended areas of operation for a business.

4 points  

QUESTION 9

  1. Operational feasibility, which refers to user acceptance and support, as well as management acceptance and support, is also known as ______.

4 points  

QUESTION 10

  1. True or False: It is the CISO’s responsibility to ensure that InfoSec functions are performed within an organization.

4 points  

QUESTION 11

  1. ______ use a challenge response mechanism in which a server challenges a user with a number, which a user must then enter into a device to calculate the response number.

4 points  

QUESTION 12

  1. In security management, which term describes a comprehensive assessment of both technical and nontechnical protection strategies for a particular system?

    A.

    B.

    C.

    D.

4 points  

QUESTION 13

  1. Which of the following is described as processes that ensure all actions on a system can be attributed to an authenticated identity?

    A.

    B.

    C.

    D.

4 points  

QUESTION 14

  1. What is the formula for calculating risk?

    A.

    B.

    C.

    D.

4 points  

QUESTION 15

  1. An organization is considered to be medium-sized when it has approximately how many devices?

    A.

    B.

    C.

    D.

4 points  

QUESTION 16

  1. The ______ is the responsibility of the CISO, and is designed to reduce incidence of accidental security breaches by organization members.

4 points  

QUESTION 17

  1. The ______ uses categories instead of specific values to determine risk.

4 points  

QUESTION 18

  1. Wireshark is an example of what type of utility?

    A.

    B.

    C.

    D.

4 points  

QUESTION 19

  1. Which term below defines the identification and assessment of levels of risk within an organization?

    A.

    B.

    C.

    D.

4 points  

QUESTION 20

  1. A(n) ______ is often a self-employed or agent contractor, hired to perform a specific task or work on a specific project.

4 points  

QUESTION 21

  1. The ______ is a set of recommended or best practices for organizations using payment cards.

4 points  

QUESTION 22

  1. True or False: The CISSP certification is intended for security professionals that may not have much experience in InfoSec.

4 points  

QUESTION 23

  1. True or False: The Critical Path Method is fundamentally different from the PERT diagram.

4 points  

QUESTION 24

  1. In the likelihood and consequences rating from the Australian and New Zealand Risk Management Standard 4360, a risk level of 5 indicates what level of consequences?

    A.

    B.

    C.

    D.

4 points  

QUESTION 25

  1. The ______ can be calculated using the values from an ARO multiplied by the values from an SLE.