#01 Security Principle
Professional Development
•10 Qs
Similar activities
Introduction Day 1
Professional Development
•12 Qs
CHINH PHỤC ECM PROJECT
Professional Development
•10 Qs
TOC_Q1
Professional Development
•8 Qs
Raman
Professional Development
•10 Qs
Social Media Basics for Educators
9th Grade - Professional Development
•15 Qs
Sayısal Tasarım - Shift Registers
University - Professional Development
•9 Qs
Attention Is All You Need | Quiz
University - Professional Development
•10 Qs
Quality Day 2018 - Quiz 1
Professional Development
•15 Qs
#01 Security Principle
Quiz
•
Computers
•
Professional Development
•
Easy
Kim undefined
Used 1+ times
FREE Resource
10 questions
Show all answers
1.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A chief information security officer (CISO) at a large organization documented a policy that establishes the acceptable use of cloud environments for all staff. This is an example of a: (D1, L1.3.1)
Management/Administrative control
Technical control
Physical control
Cloud control
Answer explanation
Correct. Policies, standards, processes, procedures and guidelines set by corporate administrative entities (e.g., executive- and/or mid-level management) are management/administrative controls.
2.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Is it possible to avoid risk? (D1, L1.2.1)
Yes
No
Sometimes
Never
Answer explanation
Correct. To avoid an identified risk, stop doing what you have identified as being too risky or dangerous and not acceptable to the organization.
3.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
What is meant by non-repudiation? (D1, L1.1.1)
If a user does something, they can’t later claim that they didn’t do it.
Controls to protect the organization’s reputation from harm due to inappropriate social media postings by employees, even if on their private accounts and personal time.
It is part of the rules set by administrative controls.
It is a security feature that prevents session replay attacks.
Answer explanation
Correct. To repudiate means to attempt to deny after the fact, to lie about one's actions.
4.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of the following is NOT one of the four typical ways of managing risk? (D1, L1.2.1)
Avoid
Accept
Mitigate
Conflate
Answer explanation
Correct. Conflate is not a term used to describe a way to manage risk.
5.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Siobhan is deciding whether to make a purchase online; the vendor wants Siobhan to create a new user account, and is requesting Siobhan’s full name, home address, credit card number, phone number, email address, the ability to send marketing messages to Siobhan, and permission to share this data with other vendors. Siobhan decides that the item for sale is not worth the value of Siobhan’s personal information, and decides to not make the purchase. What kind of risk management approach did Siobhan make? (D1, L1.2.2)
avoidance
acceptance
mitigation
transfer
Answer explanation
Correct. This is an example of avoidance; in order to avoid the risk of unauthorized use of the personal data, Siobhan chose not to engage in the activity.
6.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Guillermo is the system administrator for a midsized retail organization. Guillermo has been tasked with writing a document that describes, step-by-step, how to securely install the operating system on a new laptop. This document is an example of a ________. (D1, L1.4.1)
policy
standard
procedure
guideline
Answer explanation
Correct. A procedure (sometimes referred to as a "process" document) is a description of how to perform an action. It is usually written by the office/person who performs that action on a regular basis.
7.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Lankesh is the security administrator for a small food-distribution company. A new law is published by the country in which Lankesh’s company operates; the law conflicts with the company’s policies. Which governance element should Lankesh’s company follow? (D1, L1.4.2)
the law
the policy
any procedures the company has created for the particular activities affected by the law
Lankesh should be allowed to use personal and professional judgment to make the determination of how to proceed
Answer explanation
Correct. Laws are the explicit authority of the jurisdiction where any organizations operate; laws cannot be violated, regardless of internal company governance. Laws supersede everything else.
Create a free account and access millions of resources
Similar Resources on Wayground
10 questions
AZ-900 practice quiz
Quiz
•
Professional Development
15 questions
Jurassic World game quiz
Quiz
•
3rd Grade - Professio...
15 questions
Sec+ Quiz - 1
Quiz
•
Professional Development
15 questions
Security+ 701 - Quiz 2
Quiz
•
Professional Development
8 questions
Administration Windows 6 - PowerShell
Quiz
•
Professional Development
15 questions
Supervised and unsupervised learning
Quiz
•
Professional Development
10 questions
Operation Reliability
Quiz
•
Professional Development
14 questions
AZ-900 Module 1
Quiz
•
1st Grade - Professio...
Popular Resources on Wayground
18 questions
Writing Launch Day 1
Lesson
•
3rd Grade
11 questions
Hallway & Bathroom Expectations
Quiz
•
6th - 8th Grade
11 questions
Standard Response Protocol
Quiz
•
6th - 8th Grade
40 questions
Algebra Review Topics
Quiz
•
9th - 12th Grade
4 questions
Exit Ticket 7/29
Quiz
•
8th Grade
10 questions
Lab Safety Procedures and Guidelines
Interactive video
•
6th - 10th Grade
19 questions
Handbook Overview
Lesson
•
9th - 12th Grade
20 questions
Subject-Verb Agreement
Quiz
•
9th Grade