CIS 481-20: INTRO TO INFORM SECURITY EXAM 3

• Question 1

  2 out of 2 points

  	The most common certification expected of a Chief Information Security Officer is the _____ .
  	Selected Answer:   CISSP Correct Answer:  CISSP

• Question 2

  1 out of 1 points

  	It is perfectly legal to continue using an existing Halon fire protection system in the United States.
  	Selected Answer:  True Correct Answer:  True

• Question 3

  2 out of 2 points

  	____ occurs when an authorized individual presents a key to open a door, and other individuals, who may or may not be authorized, also enter through.
  	Selected Answer:   Tailgating Correct Answer:  Tailgating

• Question 4

  2 out of 2 points

  	The steps of the Internet vulnerability assessment include ____, which is when the penetration test engine is unleashed at the scheduled time using the planned target list and test selection.
  	Selected Answer:   Scanning Correct Answer:  Scanning

• Question 5

  2 out of 2 points

  	The ____ layer of the bull"s-eye model receives attention last.
  	Selected Answer:   Applications Correct Answer:  Applications

• Question 6

  2 out of 2 points

  	The ____ level of the bull"s-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate, and enables all other information security components to function correctly and have the desired effects in improving the organization"s information security program.
  	Selected Answer:   Policies Correct Answer:  Policies

• Question 7

  2 out of 2 points

  	Class ____ fires involve ordinary combustible fuels such as wood and paper.
  	Selected Answer:   A Correct Answer:  A

• Question 8

  1 out of 1 points

  	The digital forensics team must be able to demonstrate that any analyzed copy or image is a true and accurate replica of the source material. This is typically accomplished by usingcryptographic hash tools.
  	Selected Answer:  True Correct Answer:  True

• Question 9

  1 out of 1 points

  	Chain of custody is the detailed documentation of the collection, storage, transfer, and ownership of collected evidence from the crime scene through its presentation in court.
  	Selected Answer:  True Correct Answer:  True

• Question 10

  2 out of 2 points

  	In general, the research seems to suggest that while many organizations believe that the CISO/CSO should function as an independent, executive-level decision maker, infomation security and the ____ department are currently too closely aligned to separate into two departments.
  	Selected Answer:   information technology Correct Answer:  information technology

• Question 11

  1 out of 1 points

  	There are three methods of data interception: direct observation, interception of data transmission, and mechanical interception.
  	Selected Answer:  False Correct Answer:  False

• Question 12

  2 out of 2 points

  	_________ is the process of reviewing the use of a system to determine if misuse or malfeasance has occurred.
  	Selected Answer:   Auditing Correct Answer:  Auditing

• Question 13

  1 out of 1 points

  	Each organization has to determine its own project management methodology for IT and information security projects.
  	Selected Answer:  True Correct Answer:  True

• Question 14

  2 out of 2 points

  	The idea that employees should be provided access to the minimum amount of information for the minimum amount of time necessary for them to perform their duties is known as (the) __________ .
  	Selected Answer:   principle of least privilege Correct Answer:  principle of least privilege

• Question 15

  2 out of 2 points

  	In the ____ approach, the sensor detects an unusually rapid increase in the area temperature within a relatively short period of time.
  	Selected Answer:   rate-of-rise Correct Answer:  rate-of-rise

• Question 16

  1 out of 1 points

  	The position of security technician is often offered as an entry-level position.
  	Selected Answer:  True Correct Answer:  True

• Question 17

  1 out of 1 points

  	The security manager position has more general responsibilities than that of CISO.
  	Selected Answer:  False Correct Answer:  False

• Question 18

  2 out of 2 points

  	The information security function can reasonably be placed within ____.
  	Selected Answer:   All of the above Correct Answer:  All of the above

• Question 19

  2 out of 2 points

  	____ is a cornerstone in the protection of information assets and in the prevention of financial loss.
  	Selected Answer:   Separation of duties Correct Answer:  Separation of duties

• Question 20

  2 out of 2 points

  	____ sensors project and detect an infrared beam across an area to detect smoke.
  	Selected Answer:   Photoelectric Correct Answer:  Photoelectric

• Question 21

  1 out of 1 points

  	In the offline method of data acquisition for evidence gathering, a sector-by-sector copy of hard drives is made after the investigator has removed the power source in the target system.
  	Selected Answer:  True Correct Answer:  True

• Question 22

  1 out of 1 points

  	To maintain a secure facility, contract employees (such as electricians or vendor repair staff) should be escorted from room to room, as well as into and out of the facility.
  	Selected Answer:  True Correct Answer:  True

• Question 23

  2 out of 2 points

  	The interior walls reach only part way to the next floor, which leaves a space above the ceiling of the offices but below the top of the story. This space is called a(n) ____.
  	Selected Answer:   plenum Correct Answer:  plenum

• Question 24

  1 out of 1 points

  	Hostile departures include termination for cause, permanent downsizing, temporary lay-off, and some instances of quitting.
  	Selected Answer:  True Correct Answer:  True

• Question 25

  2 out of 2 points

  	In the Schwartz, Erwin, Weafer, and Briney model, ____ are the real techies, who create and install security solutions.
  	Selected Answer:   builders Correct Answer:  builders