(TCO 6) An employee who fails to report a suspected security weakness (Points : 4)

March 14, 2016

Question 1. (TCO 6) An employee who fails to report a suspected security weakness (Points : 4)
is doing his or her job.
will not be punished.
will be treated the same as if he or she had initiated a malicious act against the company.
is making sure not to aggravate the situation by making a mistake.

Question 2. (TCO 7) Which of the following is NOT an access control method? (Points : 4)

Question 3. (TCO 8) When is the best time to think about security when writing a new piece of code? (Points : 4)
At the end, once all the modules have been written
After the users have had a chance to review the application
At the beginning of the project
After the application has been approved and authorized by the ISO

Question 4. (TCO 9) As it pertains to GLBA, what does NPI stand for? (Points : 4)
Nonpublic information
Nonpublic personal information
Nonprivate information
Nonprivate personal information

Question 5. (TCO 6) The primary antimalware control is (Points : 4)
an updated antivirus solution.
a firewall.
a router.
an acceptable use policy.

Question 6. (TCO 7) Which is the first target of a hacker who has gained access to an organization’s network? (Points : 4)
Log files
Sensitive data
User accounts
Public data

Question 7. (TCO 8) Which formal security-related process should take place at the beginning of the code creation project? (Points : 4)
Risk assessment
Input validation
Output validation
SQL injection validation

Question 8. (TCO 9) Who enforces the GLBA? (Points : 4)
Eight different federal agencies and states
The Secretary of the Treasury

Question 9. (TCO 6) The part of the antivirus solution that needs to be updated daily is (Points : 4)
the DAT files.
central command.
the control panel.
the engine.

Question 10. (TCO 7) All users are expected to keep their password secret, unless (Points : 4)
a member of the IT group asks for it.
another employee needs to log on as them.
someone identifying themselves as the ISO asks for it.
There is no “unless.”

Question 11. (TCO 8) If an employee uses a company-provided application system and finds what he or she thinks is a loophole that allows access to confidential data, that employee should (Points : 4)
alert his or her manager and the ISO immediately.
verify and test the alleged loophole before alerting anyone.
not say anything unless he or she is a member of the incident response team.
alert his or her manager whenever he or she happens to have a chance to do so.

Question 12. (TCO 9) What do the Interagency Guidelines require every covered institution to implement? (Points : 4)
Quarterly risk assessments
A biannual review of the disaster recovery plan
A comprehensive written information security program
A monthly inventory of all information assets

Question 13. (TCO 6) Grandfather-father-son is a model used for (Points : 4)
antivirus updates.
antispyware updates.
backup strategies.
change control management strategies.

Question 14. (TCO 7) Which of the following is the most popular single-factor authentication method? (Points : 4)
Biometric devices

Question 15. (TCO 8) Input validation is (Points : 4)
verifying that a piece of code does not have any inherent vulnerabilities.
making sure that employees know what information to enter in a new system.
testing an application system by entering all kinds of character strings in the provided fields.
testing what information an application system returns when information is entered.

