Question 1
A ____________ would be a misconfiguration of a system that allows the hacker to gain unauthorized access, whereas a ______________ is a combination of the likelihood that such a misconfiguration could happen, a hacker's exploitation of it, and the impact if the event occurred.
a. vulnerability, risk
b. risk, vulnerability
c. threat, risk
d. risk, threat
5 points
Question 2
A vulnerability is a human-caused or natural event that could impact the system, whereas a risk is a weakness in a system that can be exploited.
 True
 False
5 points
Question 3
A __________________ communicates general rules that cut across the entire organization.
a. procedure
b. policy principles document
c. guideline
d. policy definitions document
5 points
Question 4
As employees find new ways to improve a system or process, it is important to have a way to capture their ideas. ________________________ can be understood as finding a better way or as a lesson learned.
a. Business process reengineering
b. Continuous improvement
c. Policy implementation
d. Change management
5 points
Question 5
Authentication is the ability to verify the identity of a user or device and is a concept that explicitly applies to human users.
 True
 False
5 points
Question 6
Availability ensures information is available to authorized users and devices. Initially, the information owner must determine availability requirements. The owner must determine who needs access to the data and when.
 True
 False
5 points
Question 7
Data exists generally in one of two states: data at rest, such as on a backup tape, or data in transit, such as when traveling across a network.
 True
 False
5 points
Question 8
Generally, regardless of threat or vulnerability, there will ____________ be a chance a threat can exploit a vulnerability.
a. never
b. occasionally
c. always
d. seldom
5 points
Question 9
Good governance provides assurance and confidence that rules are being followed; governance exists for the purpose of providing assurance to regulators that risks to shareholders, customers, and the public are being properly managed.
 True
 False
5 points
Question 10
It is possible for an organization to set up a sound policy framework that can prevent any issues from occurring in ISS.
 True
 False
5 points
Question 11
Integrity ensures that only authorized individuals are able to access information.
 True
 False
5 points
Question 12
In the Build, Acquire, and Implement domain, the ability to manage change is very important. Thus, there are often ___________________ set to avoid disrupting current services while new services are added.
a. authentications
b. entitlements
c. upgrades
d. guidelines
5 points
Question 13
The COBIT Align, Plan, and Organize domain includes basic details of an organization's requirements and goals; this domain answers which of the following questions?
a. What are the areas of vulnerability?
b. Where is there room to build?
c. What are the processes for quality assurance?
d. What do you want to do?
5 points
Question 14
The COBIT Monitor, Evaluate, and Assess domain looks at specific business requirements and strategic direction, and determines if the system still meets these objectives. To ensure requirements are being met, independent assessments known as ________________ take place.
a. audits
b. quality controls
c. quality assurance
d. information assurances
5 points
Question 15
The legal concept of nonrepudiation provides assurance that an individual cannot deny having digitally signed a document or been party to a transaction. As the sum total of evidence that proves to the court's satisfaction that only one person could have executed that transaction, this concept exists because businesses want to prove it was one person's computer, ID, and digital signature, and that the person's transaction cannot be repudiated.
 True
 False
5 points
Question 16
The COBIT Monitor, Evaluate, and Assess domain phase looks at specific business requirements and strategic direction and determines if the system still meets these objectives.
 True
 False
5 points
Question 17
Which of the following is not one of the "five pillars of the IA model"?
a. Confidentiality
b. Integrity
c. Availability
d. Assurance
5 points
Question 18
Which of the following situations best illustrates the process of authentication?
a. A Web site sets users' passwords to expire every 90 days
b. Using an electronic signature on official documentation
c. When an application sets a limit on the amount of payment a user can approve
d. When a service is made unavailable to a user due to a server crash
5 points
Question 19
Which of the following is not one of the four domains that collectively represents a conceptual information systems security management life cycle?
a. Align, Plan, and Organize
b. Build, Acquire, and Implement
c. Deliver, Service, and Support
d. Evaluate, Assess, and Perform
5 points
Question 20
Which statement most clearly contrasts the difference between policies and procedures?
a. Policies are requirements placed on processes, whereas procedures are the technical steps taken to achieve those policy goals.
b. Policies implement controls on a system to make it compliant to a standard, whereas procedures influence the creation of policies.
c. Policies set the parameters within which a procedure can be used, whereas procedures influence the creation of policies.
d. Policies are often approved by lower-level management responsible for the implementation of policies, whereas procedures are often approved by the most senior levels of management.