quiz sec440

• 
• 
  
• 
  

1. (TCO 6) Which section of the ISO 17799 deals with the communications and operations management standard? (Points : 4)       5

      8

      4

      10

Question 2. 2. (TCO 7) Which domain of the ISO 17799:2000 is dedicated to access control? (Points : 4)       8       9       10       11

Question 3. 3. (TCO 8) Retroactively injecting security into existing code at the end of a development project usually results in which of the following? (Points : 4)       A perfectly secure application       Creating new vulnerabilities       A complete and secure review of the code       None of the above

Question 4. 4. (TCO 9) As it pertains to GLBA, what does NPI stand for? (Points : 4)       Nonpublic information       Nonpublic personal information       Nonprivate information       Nonprivate personal information

Question 5. 5. (TCO 6) Once an antivirus solution is installed on a machine (Points : 4)       that machine is safe forever.       that machine will not get infected.       that machine will not need to be monitored.       that antivirus solution will need to be updated regularly.

Question 6. 6. (TCO 7) Which of the following situations should NOT require interaction between HR and IT? (Points : 4)       New account creation       User account deletion       Employee termination       Transmission of encrypted data

Question 7. 7. (TCO 8) Having a third-party consultant review internally developed code is an example of (Points : 4)       what not to do.       the need-to-know principle.       the separation of duties principle.       mandatory access control.

Question 8. 8. (TCO 9) Who enforces the GLBA? (Points : 4)       Eight different federal agencies and states       The FDIC       The FFIEC       The Secretary of the Treasury

Question 9. 9. (TCO 6) Ports are to IP addresses what _____ are to phone numbers. (Points : 4)       extensions       handles       numeric pads       phone cables

Question 10. 10. (TCO 7) What happens when a user logs on with a special privilege account? (Points : 4)       All tasks performed during that session will exist under the security context of that account.       Only administrative tasks performed during that session will exist under the security context of that account.       No malicious code can infect the machine.       Web surfing capabilities are always suspended.

Question 11. 11. (TCO 8) Malicious data modification and/or tampering is an attack against (Points : 4)       data confidentiality.       data integrity.       data availability.       data accountability.

Question 12. 12. (TCO 9) As it pertains to GLBA, automotive dealers, check-cashing businesses, and courier services, among many others, are referred to as (Points : 4)       companies that provide nontraditional services.       companies that provide traditional services.       fiduciary institutions.       traditional lenders.

Question 13. 13. (TCO 6) The only way to know that a backup operation was successful before a need situation arises is to (Points : 4)       test it.       store the tapes where they won’t be harmed or stolen.       run a live restore when a file is needed.       just look at the logs on the backup application.

Question 14. 14. (TCO 7) Who should know a user’s password? (Points : 4)       The user’s direct manager       No one other than the user       The ISO       The owner of the company

Question 15. 15. (TCO 8) Input validation is (Points : 4)

      verifying that a piece of code does not have any inherent vulnerabilities.

      making sure that employees know what information to enter in a new system.

      testing an application system by entering all kinds of character strings in the provided fields.

      testing what information an application system returns when information is entered.
 Get Professional Help with Your Research Essay Paper Today From Our Student Essay Service!