After your company implemented a clean desk policy, you have been asked to secure physical documents every night. Which of the following would be the best solution?

Locking cabinets and drawers at each desk

Your company’s security policy includes system testing and security awareness training guidelines. Which of the following control types is this?

Preventive adminstrative control

Detective administrative control

Jim’s company operates facilities in Illinois, Indiana, and Ohio, but the headquarters is in Illinois. Which state laws does Jim need to review and handle as part of his security program?

State laws in Illinois, Indiana and Ohio

Which of the following is not a physical security control?

Closed-circuit television (CCTV)

Your company has outsourced its proprietary processes to Acme Corporation. Due to technical issues, Acme wants to include a third-party vendor to help resolve the technical issues. Which of the following must Acme consider before sending data to the third party?

This may violate a nondisclosure agreement

This data should be encrypted before it is sent to the third-party vendor

This may constitute unauthorized data sharing

This may violate the privileged user role-based awareness training

Which of the following is considered a detective control?

Closed-circuit television (CCTV)

Which of the following is typically included in a BPA?

Sharing of profits and losses and the addition or removal of a partner

Clear statements detailing the expectation between a customer and a service provider

The agreement that a specific function or service will be delivered at the agreed-on level of performance

Security requirements associated with interconnecting IT systems

You are the network administrator for your company, and the manager of a retail site located across town has complained about the loss of power to their building several times this year. The branch manager is asking for a compensating control to overcome the power outage. What compensating control would you recommend?

Governance, Risk, and Compliance

A security administrator is reviewing the company’s continuity plan, and it specifies an RTO for four hours and an RPO of one day. Which of the following is the plan describing?

Systems should be restored within four hours with a loss of one day’s worth of data at most.

Systems should be restored within one day and should remain operational for at least four hours.

Systems should be restored within four hours and no later than one day after the incident.

Systems should be restored within one day and lose, at most, four hours’ worth of data.

Governance, Risk & Compliance Quiz

Authored by Greg Money

Computers

University

Used 1+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

33 questions

Show all answers

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Caroline has been asked to find an international standard to guide her company's choices in implementing information security management systems. Which of the following would be the best choice for her?

ISO 27002

ISO 27017

NIST 800-12

NIST 800-14

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Adam is concerned about malware infecting machines on his network. One of his concerns is that malware would be able to access sensitive system functionality that requires administrative access. What technique would best address this issue?

Implementing host-based antimalware

Using a nonadministrative account for normal activities

Implementing full-disk encryption (FDE)

Making certain the operating systems are patched

MULTIPLE CHOICE QUESTION

1 min • 1 pt

You are responsible for setting up new accounts for your company network. What is the most important thing to keep in mind when setting up new accounts?

Password length

Password complexity

Account age

Least privileges

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which of the following principles stipulates that multiple changes to a computer system should not be made at the same time?

Due diligence

Acceptable use

Change management

Due care

MULTIPLE CHOICE QUESTION

1 min • 1 pt

You are a security engineer and discovered an employee using the company's computer systems to operate their small business. The employee installed their personal software on the company's computer and is using the computer hardware, such as the USB port. What policy would you recommend the company implement to prevent such a breach of the company's data and network being compromised?

Acceptable use policy

Clean desk policy

Mandatory vacation policy

Job rotation policy

MULTIPLE CHOICE QUESTION

1 min • 1 pt

What standard is used for credit card security?

GDPR

COPPA

PCI-DSS

CIS

MULTIPLE CHOICE QUESTION

1 min • 1 pt

You are a security manager for your company and need to reduce the risk of employees working in collusion to embezzle funds. Which of the following policies would you implement?

Mandatory vacations

Clean desk

NDA

Continuing education

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

30 questions

Quiz 1

Quiz

•

University

30 questions

Flareup CSI

Quiz

•

12th Grade - University

30 questions

ACA 1

Quiz

•

University

30 questions

Technical-connection Round-1

Quiz

•

University

30 questions

Freehand and Digital Drawing Midterm Exam 2021-2022

Quiz

•

University

34 questions

MOS Word 2016 - Quiz 2

Quiz

•

University

28 questions

Scanners and Touch Screen Technologies (Pages 96-101)

Quiz

•

10th Grade - University

28 questions

Section 7: Security (10-14)

Quiz

•

University

Popular Resources on Wayground

20 questions

"What is the question asking??" Grades 3-5

Quiz

•

1st - 5th Grade

20 questions

“What is the question asking??” Grades 6-8

Quiz

•

6th - 8th Grade

10 questions

Fire Safety Quiz

Quiz

•

12th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

34 questions

STAAR Review 6th - 8th grade Reading Part 1

Quiz

•

6th - 8th Grade

20 questions

“What is the question asking??” English I-II

Quiz

•

9th - 12th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

47 questions

8th Grade Reading STAAR Ultimate Review!

Quiz

•

8th Grade

Discover more resources for Computers

15 questions

LGBTQ Trivia

Quiz

•

University

36 questions

8th Grade US History STAAR Review

Quiz

•

KG - University

25 questions

5th Grade Science STAAR Review

Quiz

•

KG - University

16 questions

Parallel, Perpendicular, and Intersecting Lines

Quiz

•

KG - Professional Dev...

20 questions

5_Review_TEACHER

Quiz

•

University

10 questions

Applications of Quadratic Functions

Quiz

•

10th Grade - University

10 questions

Add & Subtract Mixed Numbers with Like Denominators

Quiz

•

KG - University

20 questions

Block Buster Movies

Quiz

•

10th Grade - Professi...

Governance, Risk & Compliance Quiz

Caroline has been asked to find an international standard to guide her company's choices in implementing information security management systems. Which of the following would be the best choice for her?

Adam is concerned about malware infecting machines on his network. One of his concerns is that malware would be able to access sensitive system functionality that requires administrative access. What technique would best address this issue?

You are responsible for setting up new accounts for your company network. What is the most important thing to keep in mind when setting up new accounts?

Which of the following principles stipulates that multiple changes to a computer system should not be made at the same time?

What standard is used for credit card security?

You are a security manager for your company and need to reduce the risk of employees working in collusion to embezzle funds. Which of the following policies would you implement?

After your company implemented a clean desk policy, you have been asked to secure physical documents every night. Which of the following would be the best solution?

Which of the following techniques attempts to predict the likelihood a threat will occur and assigns monetary values should a loss occur?

Which of the following agreements is less formal than a traditional contract but still has a certain level of importance to all parties involved?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers