Which of the following is NOT a best practice in access management?

Give only the right amount of permission

Periodically assess if user permissions still apply

Request a justification when upgrading permission

As an (ISC)² member, you are expected to perform with due care. What does 'due care' specifically mean?

Do what is right in each situation you encounter on the job

Give continuity to the legacy of security practices of your company

Researching and acquiring the knowledge to do your job right

Which of these is NOT a best practice in access management?

Periodically assessing whether user permissions still apply

Requesting a justification when upgrading permission

Giving only the right amount of permission

What does the term 'data remanence' refer?

Data left over after routine removal and deletion

Data in use that can't be encrypted

Files saved locally that can't be remoted accessed

Which of these is NOT a characteristic of an MSP implementation?

Manage all in-house company infrastructure

Monitor and respond to security incidents

Mediate, execute and decide top-level decisions

Utilize expertise for the implementation of a product or service

Which of these is NOT a typical component of a comprehensive business continuity plan (BCP)?

A cost prediction of the immediate response procedures

Immediate response procedures and checklists

Notification systems and call trees for alerting personnel

Acting ethically is mandatory for (ISC)² members. Which of these is NOT considered unethical?

Having fake social media profiles and accounts

Disrupting the intended use of the internet

Seeking to gain unauthorized access to resources on the internet

Compromising the privacy of users

In the context of risk management, which information does ALE outline?

The expected cost per year of not performing a given risk-mitigating action

The percentage of Asset Lost Efficiency

The probability of a risk coming to pass in a given year

Which of these is an example of a privacy breach?

Access of private information by an unauthorized person

Any observable occurrence in a network or system

Being exposed to the possibility of attack

Unavailability of critical systems

While performing background checks on new employees, which of these can NEVER be an attribute for discrimination?

References, education, political affiliation, employment history

Employment history, references, criminal records

Credit history, employment history, references

Criminal Records, credit history, references

What is the PRIMARY objective of a degaussing?

Preventing magnetic side-channel attacks

Which of these is part of the canons (ISC)² code of ethics?

Advance and protect the profession

Provide diligent and competent services to stakeholders

Prevent and detect unauthorized use of digital assets in a society

Act always in the best interest of your client

Which of these is NOT one of the (ISC)² ethics canons?

Consider the social consequences of the systems you are designing

Act honorably, honestly, justly, responsibly, and legally

Protect society, the common good, necessary public trust and confidence, and the infrastructure

Provide diligent and competent service to principals

Which of these is the PRIMARY objective of the PCI-DSS standard?

Personally Identifiable Information (PII)

Protected Health Information (PHI)

The PRIMARY objective of a business continuity plan is:

To sustain business operations while recovering from a disruption

To regularly verify whether the organization complies with applicable regulations

To assess the impact of disruption to the business

To restore the business to the full last-known reliable state of operations

146. When an incident occurs, which of these is not a PRIMARY responsibility of an organization's response team?

d) Communicating with top management regarding the circumstances of the cybersecurity event

a) Determining the scope of the damage caused by the incident

b) Implementing the recovery procedures necessary to restore security and recover from any incident-related damage

c) Determining whether any confidential information has been compromised over the course of the entire incident

147. What is the PRIMARY objective of a rollback in the context of the change management process?

c. Restore the system to its last state before the change was made

a. Identify the required changes needed

b. Validate the system change process

d. Establish a minimum understood and acceptable level of security requirements

150. The PRIMARY objective of a security baseline is to establish ...

b. a minimum understood and acceptable level of security

a. a minimum understood and a good level of security requirements

c. security and configuration requirements

d. a maximum understood and an acceptable level of security requirements

PART2

Professional Development

•

50 Qs

Similar activities

CUESTIONARIO REPASO COMPLETO BASTIONADO DE REDES

Professional Development

•

50 Qs

Cuestionario Web

Professional Development

•

50 Qs

Loop in C

Professional Development

•

51 Qs

HTML And CSS

4th Grade - Professional Development

•

53 Qs

POSTEST TCC-GC 2 - SGSI

1st Grade - Professional Development

•

50 Qs

CC-IAT2 QUIZ

Professional Development

•

50 Qs

2ºDAW - Diseño de Interfaces Web - Trim.2 - Prof. C. Boni

University - Professional Development

•

50 Qs

Health and safety

Professional Development

•

50 Qs

PART2

Quiz

•

Computers

•

Professional Development

•

Practice Problem

•

Medium

Ayomide Oluwaga

Used 1+ times

FREE Resource

50 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

In the event of a disaster, what should be the PRIMARY objective?

Apply disaster communication

Protect the production database

Guarantee the safety of people

Guarantee the continuity of critical systems

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A security professional should report violations of a company's security policy to:

The ISC Ethics Committee

Company management

National authorities

A court of law

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which department in a company is NOT regularly involved in a DRP?

Executives

Public Relations

Financial

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is included in an SLA document?

A plan to prepare the organization for the continuation of critical business functions

A plan to keep business operations going while recovering from a significant disruption

Instructions to detect, respond to, and limit the consequences of a cyber-attack

Instructions on data ownership and destruction

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the most important difference between MAC and DAC?

In MAC, security administrators set the roles for the users; in DAC, roles are set at the object owner’s discretion

In MAC, security administrators assign access permissions; in DAC, security administrators set user roles

In MAC, security administrators assign access permissions; in DAC, access permissions are set at the object owner’s discretion

In MAC, access permissions are set at the object owner’s discretion; in DAC, it is up to security administrators to assign access permissions

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Requiring a specific user role to access resources is an example of:

MAC

ABAC

RBAC

DAC

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which type of document outlines the procedures ensuring that vital company systems keep running during business disrupting events?

Business Impact Plan

Business Impact Analysis

Disaster Recovery Plan

Business Continuity Plan

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

50 questions

SC-900 Day 3

Quiz

•

Professional Development

50 questions

CUESTIONARIO REPASO COMPLETO BASTIONADO DE REDES

Quiz

•

Professional Development

50 questions

Cuestionario Web

Quiz

•

Professional Development

53 questions

HTML And CSS

Quiz

•

4th Grade - Professio...

50 questions

2ºDAW - Diseño de Interfaces Web - Trim.2 - Prof. C. Boni

Quiz

•

University - Professi...

45 questions

ИТ в профессиональной деятельности

Quiz

•

Professional Development

50 questions

AICTE-STTP_"BlockChain & Applications" Slot-1_Assessment

Quiz

•

Professional Development

50 questions

Amadeus Final Exam

Quiz

•

Professional Development

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

20 questions

Figurative Language Review

Quiz

•

6th Grade

Discover more resources for Computers

10 questions

How to Email your Teacher

Quiz

•

Professional Development

6 questions

3RD GRADE DECLARATION OF INDEPENDENCE EXIT TICKET

Quiz

•

Professional Development

19 questions

Black History Month Trivia

Quiz

•

6th Grade - Professio...

22 questions

Multiplying Exponents with the Same Base

Quiz

•

9th Grade - Professio...

40 questions

Flags of the World

Quiz

•

KG - Professional Dev...

PART2

50 questions

In the event of a disaster, what should be the PRIMARY objective?

A security professional should report violations of a company's security policy to:

Which department in a company is NOT regularly involved in a DRP?

Which of the following is included in an SLA document?

What is the most important difference between MAC and DAC?

Requiring a specific user role to access resources is an example of:

Which type of document outlines the procedures ensuring that vital company systems keep running during business disrupting events?

Which of the following is NOT a best practice in access management?

If a company collects PII, which policy is required?

Which of these is LEAST likely to be installed by an infection?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers