Henry recently assisted one of his co-workers in preparing for the CISSP exam. During this process, Henry disclosed confidential information about the content of the exam, in violation of Canon IV of the Code of Ethics: “Advance and protect the profession.” Who may bring ethics charges against Henry for this violation?

Any certified or licensed professional may bring charges.

Only Henry’s employer may bring charges.

Only the affected employee may bring charges.

Chris is advising travelers from his organization who will be visiting many different countries overseas. He is concerned about compliance with export control laws. Which of the follow- ing technologies is most likely to trigger these regulations?

Office productivity applications

You are completing your business continuity planning effort and have decided that you want to accept one of the risks. What should you do next?

Document your decision-making process.

Implement new security controls to reduce the risk level.

Design a disaster recovery plan.

Repeat the business impact assessment.

Tony is developing a business continuity plan and is having difficulty prioritizing resources because of the difficulty of combining information about tangible and intangible assets. What would be the most effective risk assessment approach for him to use?

Combination of quantitative and qualitative risk assessment

Neither quantitative nor qualitative risk assessment

Brenda’s organization recently completed the acquisition of a competitor firm. Which one of the following tasks would be LEAST likely to be part of the organizational processes addressed during the acquisition?

Protection of intellectual property

Consolidation of security functions

Documentation of security policies

When developing a business impact analysis, the team should first create a list of assets. What should happen next?

Develop a value for each asset.

Identify vulnerabilities in each asset

Determine the risks facing the asset.

Identify threats facing each asset.

Which one of the following organizations would not be automatically subject to the privacy and security requirements of HIPAA if they engage in electronic transactions?

Health and fitness application developer

Health information clearinghouse

Which one of the following individuals would be the most effective organizational owner for an information security program?

Chief information officer (CIO)

What important function do senior managers normally fill on a business continuity planning team?

Arbitrating disputes about criticality

Evaluating the legal environment

Which one of the following issues is not normally addressed in a service-level agreement (SLA)?

Confidentiality of customer information

Frances is reviewing her organization’s business continuity plan documentation for complete- ness. Which one of the following is not normally included in business continuity plan doc- Umentation?

Statement of organizational responsibility

Domain-1

Authored by Exam Quiz

Computers

Professional Development

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

99 questions

Show all answers

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Alyssa is responsible for her organization’s security awareness program. She is concerned that changes in technology may make the content outdated. What control can she put in place to protect against this risk?

Gamification

Computer-based training

Content reviews

Live training

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Gavin is creating a report to management on the results of his most recent risk assessment. In his report, he would like to identify the remaining level of risk to the organization after adopting security controls. What term best describes this current level of risk?

Inherent risk

Residual risk

Control risk

Mitigated risk

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Francine is a security specialist for an online service provider in the United States. She recently received a claim from a copyright holder that a user is storing information on her service that violates the third party’s copyright. What law governs the actions that Francine must take?

Lanham Act

Digital Millennium Copyright Act

Gramm Leach Bliley Act

MULTIPLE CHOICE QUESTION

1 min • 1 pt

FlyAway Travel has offices in both the European Union (EU) and the United States and transfers personal information between those offices regularly. They have recently received a request from an EU customer requesting that their account be terminated. Under the General Data Protection Regulation (GDPR), which requirement for processing personal information states that individuals may request that their data no longer be disseminated or processed?

The right to access

Privacy by design

The right to be forgotten

The right of data portability

MULTIPLE CHOICE QUESTION

1 min • 1 pt

After conducting a qualitative risk assessment of her organization, Sally recommends purchasing cybersecurity breach insurance. What type of risk response behavior is she Recommending?

Transfer

Reduce

Reject

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which one of the following elements of information is not considered personally identifiable information that would trigger most United States (U.S.) state data breach laws?

Student identification number

Social Security number

Driver’s license number

Credit card number

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Renee is speaking to her board of directors about their responsibilities to review cyberse- curity controls. What rule requires that senior executives take personal responsibility for information security matters?

Due diligence rule

Personal liability rule

Prudent man rule

Due process rule

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

98 questions

Comptia +a Teil2 (P2)

Quiz

•

Professional Development

95 questions

UNIDAD 1: Diseño de interfaces gráficas con editores visuales y

Quiz

•

Professional Development

100 questions

TEST 3

Quiz

•

Professional Development

100 questions

PraUJK Desain Grafis Madya

Quiz

•

Professional Development

102 questions

MME. Unidad Didáctica 4

Quiz

•

Professional Development

99 questions

AWS SA Class 1. Cloud Computing and AWS Quiz

Quiz

•

Professional Development

96 questions

Test UD8 Interrogaciòn de bases de datos

Quiz

•

Professional Development

100 questions

Quizz T1 BD

Quiz

•

Professional Development

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

20 questions

Figurative Language Review

Quiz

•

6th Grade

Discover more resources for Computers

10 questions

How to Email your Teacher

Quiz

•

Professional Development

6 questions

3RD GRADE DECLARATION OF INDEPENDENCE EXIT TICKET

Quiz

•

Professional Development

19 questions

Black History Month Trivia

Quiz

•

6th Grade - Professio...

22 questions

Multiplying Exponents with the Same Base

Quiz

•

9th Grade - Professio...

40 questions

Flags of the World

Quiz

•

KG - Professional Dev...

Domain-1

Alyssa is responsible for her organization’s security awareness program. She is concerned that changes in technology may make the content outdated. What control can she put in place to protect against this risk?

Gavin is creating a report to management on the results of his most recent risk assessment. In his report, he would like to identify the remaining level of risk to the organization after adopting security controls. What term best describes this current level of risk?

Francine is a security specialist for an online service provider in the United States. She recently received a claim from a copyright holder that a user is storing information on her service that violates the third party’s copyright. What law governs the actions that Francine must take?

After conducting a qualitative risk assessment of her organization, Sally recommends purchasing cybersecurity breach insurance. What type of risk response behavior is she Recommending?

Which one of the following elements of information is not considered personally identifiable information that would trigger most United States (U.S.) state data breach laws?

Renee is speaking to her board of directors about their responsibilities to review cyberse- curity controls. What rule requires that senior executives take personal responsibility for information security matters?

Wanda is working with one of her organization’s European Union business partners to facil- itate the exchange of customer information. Wanda’s organization is located in the United States. What would be the best method for Wanda to use to ensure GDPR compliance?

Yolanda is the chief privacy officer for a financial institution and is researching privacy requirements related to customer checking accounts. Which one of the following laws is most likely to apply to this situation?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers