SophiaPretty

Category > Engineering Posted 11 Oct 2017 My Price 10.00

Which formula is typically used to describe the components of information security risks?

Quiz 4

QUESTION 1

Which formula is typically used to describe the components of information security risks?

Risk = Likelihood X Vulnerability

Risk = Threat X Vulnerability

Risk = Threat X Likelihood

Risk = Vulnerability X Cost

0.5 points  

QUESTION 2

Earl is preparing a risk register for his organization's risk management program. Which data element is LEAST likely to be included in a risk register?

Description of the risk

Expected impact

Risk survey results

Mitigation steps

0.5 points  

QUESTION 3

Alan is developing a business impact assessment for his organization. He is working with business units to determine the maximum allowable time to recover a particular function. What value is Alan determining?

Recovery time objective (RTO)

Recovery point objective (RPO)

Business recovery requirements

Technical recovery requirements

0.5 points  

QUESTION 4

Which one of the following is an example of a direct cost that might result from a business disruption?

Damaged reputation

Lost market share

Lost customers

Facility repair

0.5 points  

QUESTION 5

Tom is the IT manager for an organization that experienced a server failure that affected a single business function. What type of plan should guide the organization's recovery effort?

Disaster recovery plan (DRP)

Business impact analysis (BIA)

Business continuity plan (BCP)

Service level agreement (SLA)

0.5 points  

QUESTION 6

What is the first step in a disaster recovery effort?

Respond to the disaster.

Follow the disaster recovery plan (DRP).

Communicate with all affected parties.

Ensure that everyone is safe.

0.5 points  

QUESTION 7

Dawn is selecting an alternative processing facility for her organization's primary data center. She would like to have a facility that balances cost and switchover time. What would be the best option in this situation?

Hot site

Warm site

Cold site

Primary site

0.5 points  

QUESTION 8

Holly would like to run an annual major disaster recovery test that is as thorough and realistic as possible. She also wants to ensure that there is no disruption of activity at the primary site. What option is best in this scenario?

Checklist test

Full interruption test

Parallel test

Simulation test

0.5 points  

QUESTION 9

As a follow-up to her annual testing, Holly would like to conduct quarterly disaster recovery tests that introduce as much realism as possible but do not require the use of technology resources. What type of test should Holly conduct?

Checklist test

Parallel test

Simulation test

Structured walk-through

0.5 points  

QUESTION 10

Which one of the following is an example of a reactive disaster recovery control?

Moving to a warm site

Disk mirroring

Surge suppression

Antivirus software

0.5 points  

QUESTION 11

George is the risk manager for a U.S. federal government agency. He is conducting a risk assessment for that agency's IT risk. What methodology is best suited for George's use?

Risk Management Guide for Information Technology Systems (NIST SP800-30)

CCTA Risk Analysis and Management Method (CRAMM)

Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE)

ISO/IEC 27005, "Information Security Risk Management"

0.5 points  

QUESTION 12

Betsy recently assumed an information security role for a hospital located in the United States. What compliance regulation applies specifically to healthcare providers?

FFIEC

FISMA

HIPAA

PCI DSS

0.5 points  

QUESTION 13

A hospital is planning to introduce a new point-of-sale system in the cafeteria that will handle credit card transactions. Which one of the following governs the privacy of information handled by those point-of-sale terminals?

Health Insurance Portability and Accountability Act (HIPAA)

Payment Card Industry Data Security Standard (PCI DSS)

Federal Information Security Management Act (FISMA)

Federal Financial Institutions Examination Council (FFIEC)

0.5 points  

QUESTION 14

The Children's Online Privacy Protection Act (COPPA) restricts the collection of information online from children. What is the cutoff age for COPPA regulation?

11

13

15

18

0.5 points  

QUESTION 15

Which one of the following is the best example of an authorization control?

Biometric device

Digital certificate

Access control lists

One-time password

0.5 points  

QUESTION 16

Which item in a Bring Your Own Device (BYOD) policy helps resolve intellectual property issues that may arise as the result of business use of personal devices?

Support ownership

Onboarding/offboarding

Forensics

Data ownership

0.5 points  

QUESTION 17

What is NOT a commonly used endpoint security technique?

Full device encryption

Network firewall

Remote wiping

Application control

0.5 points  

QUESTION 18

What is NOT one of the three tenets of information security?

Confidentiality

Integrity

Safety

Availability

0.5 points  

QUESTION 19

What compliance regulation applies specifically to the educational records maintained by schools about students?

Family Education Rights and Privacy Act (FERPA)

Health Insurance Portability and Accountability Act (HIPAA)

Federal Information Security Management Act (FISMA)

Gramm-Leach-Bliley Act (GLBA)

0.5 points  

QUESTION 20

What level of technology infrastructure should you expect to find in a cold site alternative data center facility?

Hardware and data that mirror the primary site

Hardware that mirrors the primary site, but no data

Basic computer hardware

No technology infrastructure

Answers

Status NEW Posted 11 Oct 2017 11:10 AM My Price 10.00

Hello Sir/Madam Thank you for your interest and buying my posted solution. Please ping me on chat I am online or inbox me a message I will be quickly
