#01 Security Principle
Professional Development
•10 Qs
Similar activities
Mobile Technology
Professional Development
•10 Qs
Quiz 1 Sheet Setup
Professional Development
•6 Qs
Quiz 2 Equation Integration
Professional Development
•7 Qs
Sequences
Professional Development
•10 Qs
PYTHON QUIZ2
University - Professional Development
•10 Qs
Unidad 4. Rangos y Vinculación entre ficheros
Professional Development
•10 Qs
logos
1st Grade - Professional Development
•10 Qs
Gaming 2023
1st Grade - Professional Development
•12 Qs
#01 Security Principle
Quiz
•
Computers
•
Professional Development
•
Easy
Kim undefined
Used 1+ times
FREE Resource
10 questions
Show all answers
1.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A chief information security officer (CISO) at a large organization documented a policy that establishes the acceptable use of cloud environments for all staff. This is an example of a: (D1, L1.3.1)
Management/Administrative control
Technical control
Physical control
Cloud control
Answer explanation
Correct. Policies, standards, processes, procedures and guidelines set by corporate administrative entities (e.g., executive- and/or mid-level management) are management/administrative controls.
2.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Is it possible to avoid risk? (D1, L1.2.1)
Yes
No
Sometimes
Never
Answer explanation
Correct. To avoid an identified risk, stop doing what you have identified as being too risky or dangerous and not acceptable to the organization.
3.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
What is meant by non-repudiation? (D1, L1.1.1)
If a user does something, they can’t later claim that they didn’t do it.
Controls to protect the organization’s reputation from harm due to inappropriate social media postings by employees, even if on their private accounts and personal time.
It is part of the rules set by administrative controls.
It is a security feature that prevents session replay attacks.
Answer explanation
Correct. To repudiate means to attempt to deny after the fact, to lie about one's actions.
4.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of the following is NOT one of the four typical ways of managing risk? (D1, L1.2.1)
Avoid
Accept
Mitigate
Conflate
Answer explanation
Correct. Conflate is not a term used to describe a way to manage risk.
5.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Siobhan is deciding whether to make a purchase online; the vendor wants Siobhan to create a new user account, and is requesting Siobhan’s full name, home address, credit card number, phone number, email address, the ability to send marketing messages to Siobhan, and permission to share this data with other vendors. Siobhan decides that the item for sale is not worth the value of Siobhan’s personal information, and decides to not make the purchase. What kind of risk management approach did Siobhan make? (D1, L1.2.2)
avoidance
acceptance
mitigation
transfer
Answer explanation
Correct. This is an example of avoidance; in order to avoid the risk of unauthorized use of the personal data, Siobhan chose not to engage in the activity.
6.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Guillermo is the system administrator for a midsized retail organization. Guillermo has been tasked with writing a document that describes, step-by-step, how to securely install the operating system on a new laptop. This document is an example of a ________. (D1, L1.4.1)
policy
standard
procedure
guideline
Answer explanation
Correct. A procedure (sometimes referred to as a "process" document) is a description of how to perform an action. It is usually written by the office/person who performs that action on a regular basis.
7.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Lankesh is the security administrator for a small food-distribution company. A new law is published by the country in which Lankesh’s company operates; the law conflicts with the company’s policies. Which governance element should Lankesh’s company follow? (D1, L1.4.2)
the law
the policy
any procedures the company has created for the particular activities affected by the law
Lankesh should be allowed to use personal and professional judgment to make the determination of how to proceed
Answer explanation
Correct. Laws are the explicit authority of the jurisdiction where any organizations operate; laws cannot be violated, regardless of internal company governance. Laws supersede everything else.
Create a free account and access millions of resources
Similar Resources on Wayground
15 questions
Jurassic World game quiz
Quiz
•
3rd Grade - Professio...
15 questions
SEC+ Ch.6 Review Test
Quiz
•
Professional Development
15 questions
Sec+ Quiz - 1
Quiz
•
Professional Development
8 questions
Administration Windows 6 - PowerShell
Quiz
•
Professional Development
15 questions
Supervised and unsupervised learning
Quiz
•
Professional Development
10 questions
Web3 Headlines, Heroes, and Hoaxes
Quiz
•
University - Professi...
10 questions
Operation Reliability
Quiz
•
Professional Development
10 questions
AZ-900 practice quiz
Quiz
•
Professional Development
Popular Resources on Wayground
55 questions
CHS Student Handbook 25-26
Quiz
•
9th Grade
18 questions
Writing Launch Day 1
Lesson
•
3rd Grade
10 questions
Chaffey
Quiz
•
9th - 12th Grade
15 questions
PRIDE
Quiz
•
6th - 8th Grade
40 questions
Algebra Review Topics
Quiz
•
9th - 12th Grade
22 questions
6-8 Digital Citizenship Review
Quiz
•
6th - 8th Grade
10 questions
Nouns, nouns, nouns
Quiz
•
3rd Grade
10 questions
Lab Safety Procedures and Guidelines
Interactive video
•
6th - 10th Grade