QUESTION 1
- What criteria contribute to systems reliability?
| A. | Developing and documenting policies |
| B. | Effectively communicating policies to all authorized users |
| C. | Designing appropriate control procedures |
| D. | Monitoring the system and taking corrective action |
| E. | All of the above |
| F. | None of the above |
10 points
QUESTION 2
- Compliance with the Sarbanes-Oxley Act of 2002 requires:
| A. | The CEO to certify that he/she evaluates the effectiveness of internal controls. |
| B. | The CFO to certify that he/she evaluates the effectiveness of internal controls. |
| C. | The CEO and CFO to certify that they have evaluated the effectiveness of internal controls. |
| D. | Neither the CEO nor the CFO is required to certify internal control effectiveness. |
10 points
QUESTION 3
- What type of security controls are authorization controls?
| A. | Corrective controls |
| B. | Detective controls |
| C. | |
| D. | Preventive controls |
10 points
QUESTION 4
- Which of the following devices should NOT be placed in the demilitarized zone (DMZ)?
| A. | Mail server |
| B. | Remote access server |
| C. | Web server |
| D. | |
10 points
QUESTION 5
- The time-based model of security does not include which factor to evaluate the effectiveness of an entity's security controls?
| A. | The time it takes to evaluate the financial consequences from an attack. |
| B. | The time it takes to respond to an attack. |
| C. | The time it takes to determine that an attack is in progress. |
| D. | The time it takes an attacker to break through the entity's preventative controls. |
10 points
QUESTION 6
- Defense in depth utilizes what techniques to assure security?
| A. | Employs multiple layers of controls |
| B. | Provides redundancy of controls |
| C. | Utilizes overlapping and complementary controls |
| D. | All of the above |
| E. | None of the above |
10 points
QUESTION 7
- Which of the following statements is true regarding authorization controls?
| A. | |
| B. | Permits the user to engage in all operating actions |
| C. | Permits the user unlimited ability to change information |
| D. | All of the above |
| E. | None of the above |
10 points
QUESTION 8
- Which of the following items are considered detective controls?
| A. | Log analysis |
| B. | Intrusion detection systems |
| C. | Authentication controls |
| D. | Both A and B |
| E. | None of the above |
10 points
QUESTION 9
- Which of the following is an example of a corrective control?
| A. | Log analysis |
| B. | Encryption |
| C. | |
| D. | Patch management |
10 points
QUESTION 10
- Which type of network filtering screens individual IP packets based solely on their contents?
| A. | Static packet filtering |
| B. | |
| C. | Deep packet filtering |
| D. | None of the above |
