security chapter 14

Audits serve to verify that the security protections enacted by an organization are being followed and that corrective actions can be swiftly implemented before an attacker exploits a vulnerability.

True

The first phase of the security policy cycle involves a vulnerability assessment.

True

What may be defined as the components required to identify, analyze, and contain an incident?
Vulnerability response
Incident response
Risk response
Threat response

Incident response

What kind of learners learn from taking notes, being at the front of the class, and watching presentations?
Kinesthetic
Auditory
Spatial
Visual

Visual

Generally considered to be the most important information security policies, what item below defines the actions a user may perform while accessing systems and networking equipment?
Acceptable use policies
Encryption policies
Data loss policies
VPN policies

Acceptable use policies

Most organizations follow a three-phase cycle in the development and maintenance of a security policy.

True

What concept below is at the very heart of information security?
threat
mitigation
risk
management

risk

What kind of policy outlines how organizations use personal information it collects?
VPN
network
encryption
privacy

privacy

A person's fundamental beliefs and principals, which are used to define what is good, and how to distinguish right from wrong, are collectively called a person's:
Morals
Values
Ethics
Standards

Values

The objective of incident management is to restore normal operations as quickly as possible with the least possible impact on either the business or the users.

true

What are values that are attributed to a system of beliefs that help the individual distinguish right from wrong called?
Morals
Ethics
Standards
Morays

Morals

A due process policy is a policy that defines the actions users may perform while accessing systems and networking equipment.

False

Which type of network below uses a direct connection between users, and involves each device simultaneously acting as a client and a server?
Peer
Client-server
P2P
Share

P2P

What type of learner tends to sit in the middle of the class and learns best through lectures and discussions?
Visual
Auditory
Kinesthetic
Spatial

Auditory

Select below the option that best describes a policy:
A collection of requirements specific to the system or procedure that must be met by everyone
A collection of suggestions that should be implemented
A list of all items that have a positive economic value
A document that outlines specific requirements or rules that must be met

A document that outlines specific requirements or rules that must be met

Websites that group individuals and organizations into clusters or groups based on some sort of affiliation are considered to be what type of websites?
social networking
social engineering
social management
social control

social networking

What is the name for a framework and corresponding functions required to enable incident response and incident handling within an organization?
Incident reporting
Incident management
Incident handling
Incident planning

Incident management

Due to the potential impact of changes that can affect all users in a organization, and considering that security vulnerabilities can arise from uncoordinated changes, what should an organization create to oversee changes?
change management team
incident response team
security control team
compliance team

change management team

​What is the most common type of P2P network?
​Kazaa
​Bittorrent
​eDonkey
​Sneakernet

​Bittorrent

A collection of suggestions that should be implemented are referred to as a:
security policy
baseline
guideline
security procedure

guideline

The "framework" and functions required to enable incident response and incident handling within an organization

Incident management

Risk control type that covers the operational procedures to limit risk.

Operational Risk Control Type

A risk control type that involves using technology to control risk

Technical risk control type

A methodology for making modifications to a system and keeping track of those changes.

Change Management

The expected monetary loss every time a risk occurs.

Single Loss Expectancy (SLE)

A security policy that outlines how the organization uses personal information it collects.

privacy policy

An event that in the beginning is considered to be a risk yet turns out to not be one.

False positive

A policy that defines the actions users may perform while access systems and networking equipment

Acceptable use policy

A network that does not have servers, so each device simultaneously functions as both a client and a server to all other devices connected to the network.

Peer-to-peer Network

An event that does not appear to be a risk but actually turns out to be one.

False negative

security chapter 14 - Subjecto.com

security chapter 14

Your page rank:

Total word count: 733
Pages: 3

Calculate the Price

- -
275 words
Looking for Expert Opinion?
Let us have a look at your work and suggest how to improve it!
Get a Consultant

Audits serve to verify that the security protections enacted by an organization are being followed and that corrective actions can be swiftly implemented before an attacker exploits a vulnerability.

True

The first phase of the security policy cycle involves a vulnerability assessment.

True

What may be defined as the components required to identify, analyze, and contain an incident?
Vulnerability response
Incident response
Risk response
Threat response

Incident response

What kind of learners learn from taking notes, being at the front of the class, and watching presentations?
Kinesthetic
Auditory
Spatial
Visual

Visual

Generally considered to be the most important information security policies, what item below defines the actions a user may perform while accessing systems and networking equipment?
Acceptable use policies
Encryption policies
Data loss policies
VPN policies

Acceptable use policies

Most organizations follow a three-phase cycle in the development and maintenance of a security policy.

True

What concept below is at the very heart of information security?
threat
mitigation
risk
management

risk

What kind of policy outlines how organizations use personal information it collects?
VPN
network
encryption
privacy

privacy

A person’s fundamental beliefs and principals, which are used to define what is good, and how to distinguish right from wrong, are collectively called a person’s:
Morals
Values
Ethics
Standards

Values

The objective of incident management is to restore normal operations as quickly as possible with the least possible impact on either the business or the users.

true

What are values that are attributed to a system of beliefs that help the individual distinguish right from wrong called?
Morals
Ethics
Standards
Morays

Morals

A due process policy is a policy that defines the actions users may perform while accessing systems and networking equipment.

False

Which type of network below uses a direct connection between users, and involves each device simultaneously acting as a client and a server?
Peer
Client-server
P2P
Share

P2P

What type of learner tends to sit in the middle of the class and learns best through lectures and discussions?
Visual
Auditory
Kinesthetic
Spatial

Auditory

Select below the option that best describes a policy:
A collection of requirements specific to the system or procedure that must be met by everyone
A collection of suggestions that should be implemented
A list of all items that have a positive economic value
A document that outlines specific requirements or rules that must be met

A document that outlines specific requirements or rules that must be met

Websites that group individuals and organizations into clusters or groups based on some sort of affiliation are considered to be what type of websites?
social networking
social engineering
social management
social control

social networking

What is the name for a framework and corresponding functions required to enable incident response and incident handling within an organization?
Incident reporting
Incident management
Incident handling
Incident planning

Incident management

Due to the potential impact of changes that can affect all users in a organization, and considering that security vulnerabilities can arise from uncoordinated changes, what should an organization create to oversee changes?
change management team
incident response team
security control team
compliance team

change management team

​What is the most common type of P2P network?
​Kazaa
​Bittorrent
​eDonkey
​Sneakernet

​Bittorrent

A collection of suggestions that should be implemented are referred to as a:
security policy
baseline
guideline
security procedure

guideline

The "framework" and functions required to enable incident response and incident handling within an organization

Incident management

Risk control type that covers the operational procedures to limit risk.

Operational Risk Control Type

A risk control type that involves using technology to control risk

Technical risk control type

A methodology for making modifications to a system and keeping track of those changes.

Change Management

The expected monetary loss every time a risk occurs.

Single Loss Expectancy (SLE)

A security policy that outlines how the organization uses personal information it collects.

privacy policy

An event that in the beginning is considered to be a risk yet turns out to not be one.

False positive

A policy that defines the actions users may perform while access systems and networking equipment

Acceptable use policy

A network that does not have servers, so each device simultaneously functions as both a client and a server to all other devices connected to the network.

Peer-to-peer Network

An event that does not appear to be a risk but actually turns out to be one.

False negative

Share This
Flashcard

More flashcards like this

NCLEX 10000 Integumentary Disorders

When assessing a client with partial-thickness burns over 60% of the body, which finding should the nurse report immediately? a) ...

Read more

NCLEX 300-NEURO

A client with amyotrophic lateral sclerosis (ALS) tells the nurse, "Sometimes I feel so frustrated. I can’t do anything without ...

Read more

NASM Flashcards

Which of the following is the process of getting oxygen from the environment to the tissues of the body? Diffusion ...

Read more

Unfinished tasks keep piling up?

Let us complete them for you. Quickly and professionally.

Check Price

Successful message
sending