среда, 11 ноября 2015 г.
CIS 333 WEEK 4 QUIZ 7
- Question 1
1 out of 1 points
It’s essential to match your organization’s required __________ with its security structure.
Answer
| |||||
- Question 2
0 out of 1 points
________ provides information on what is happening as it happens.
Answer
| |||||
- Question 3
0 out of 1 points
Which of the following is the definition of anomaly-based IDS?
Answer
| |||||
- Question 4
1 out of 1 points
Audits also often look at the current configuration of a system as a snapshot in time to verify that it complies with ________.
Answer
| |||||
- Question 5
0 out of 1 points
A method of security testing that isn’t based directly on knowledge of a program’s architecture is the definition of ________.
Answer
| |||||
| |||||
0 out of 1 points
Which of the following is the definition of white-box testing?
Answer
| |||||
- Question 7
1 out of 1 points
As your organization evolves and as threats mature, it is important to make sure your __________ still meet(s) the risks you face today.
Answer
| |||||
- Question 8
0 out of 1 points
Security audits help ensure that your rules and __________ are up to date, documented, and subject to change control procedures.
Answer
| |||||
- Question 9
0 out of 1 points
What is a Security Information and Event Management (SIEM) system?
Answer
| |||||
- Question 10
0 out of 1 points
What is meant by gray-box testing?
Answer
| |||||
- Question 11
0 out of 1 points
Which of the following is the definition of false negative?
Answer
| |||||
- Question 12
0 out of 1 points
Which of the following defines network mapping?
Answer
| |||||
- Question 13
0 out of 1 points
Which of the following is the definition of pattern-based IDS?
Answer
| |||||
- Question 14
0 out of 1 points
________ gives you the opportunity to review your risk-management program and to confirm that the program has correctly identified and reduced (or otherwise addressed) the risks to your organization.
Answer
| |||||
- Question 15
0 out of 1 points
What term is used to describe a reconnaissance technique that enables an attacker to use port mapping to learn which operating system and version are running on a computer?
Answer
| |||||||
- Question 16
1 out of 1 points
SOC 2 and SOC 3 reports both address primarily ________-related controls.
Answer
| |||||
- Question 17
0 out of 1 points
If knowing about an audit changes user behavior, an audit will ____________.
Answer
| |||||
- Question 18
0 out of 1 points
Audits are necessary because of ________.
Answer
| |||||
- Question 19
0 out of 1 points
Which of the following is the definition of hardened configuration?
Answer
| ||||
- Question 20
0 out of 1 points
One of the best ways to avoid wasting your organization’s resources is to ensure that you follow the ________ review cycle.
Answer
| ||||
CIS 333 WEEK 3 QUIZ 6
- Question 1
1 out of 1 points
What term is used to describe a benchmark used to make sure that a system provides a minimum level of security across multiple applications and across different products?
Answer
| |||||
- Question 2
1 out of 1 points
Because personnel are so important to solid security, one of the best security controls you can develop is a strong security ___________ and awareness program.
Answer
| |||||
- Question 3
0 out of 1 points
What is meant by standard?
Answer
| |||||
- Question 4
1 out of 1 points
________ states that users must never leave sensitive information in plain view on an unattended desk or workstation.
Answer
| |||||
- Question 5
0 out of 1 points
What is meant by certification?
Answer
| |||||
- Question 6
0 out of 1 points
One of the most popular types of attacks on computer systems involves ___________. These attacks deceive or use people to get around security controls. The best way to avoid this risk is to ensure that employees know how to handle such attacks.
Answer
| |||||
- Question 7
1 out of 1 points
For all the technical solutions you can devise to secure your systems, the __________remains your greatest challenge.
Answer
| |||||
- Question 8
0 out of 1 points
What term is used to describe a set of step-by-step actions to be performed to accomplish a security requirement, process, or objective?
Answer
| |||||
- Question 9
0 out of 1 points
Your organization’s __________ sets the tone for how you approach related activities.
Answer
| |||||
- Question 10
0 out of 1 points
The primary task of an organization’s __________ team is to control access to systems or resources.
Answer
| |||||
- Question 11
0 out of 1 points
When an information security breach occurs in your organization, a __________ helps determine what happened to the system and when.
Answer
| |||||
- Question 12
1 out of 1 points
What is meant by authorizing official (AO)?
Answer
| |||||
- Question 13
1 out of 1 points
The process of managing the baseline settings of a system device is called ________.
Answer
| |||||
- Question 14
1 out of 1 points
From the perspective of a _________ professional, configuration management evaluates the impact a modification might have on security.
Answer
| |||||
- Question 15
1 out of 1 points
The name given to a group that is responsible for protecting sensitive data in the event of a natural disaster or equipment failure, among other potential emergencies, is ________.
Answer
| |||||
- Question 16
1 out of 1 points
Which of the following is the definition of guideline?
Answer
| |||||
- Question 17
0 out of 1 points
What or who is the individual or team responsible for performing the security test and evaluation for the system and for preparing the report for the AO on the risk of operating the system?
Answer
| |||||
- Question 18
0 out of 1 points
Which of the following is the definition of system owner?
Answer
| |||||
- Question 19
0 out of 1 points
_________ ensures that any changes to a production system are tested, documented, and approved.
Answer
| |||||
- Question 20
0 out of 1 points
___________ are the benchmarks that help make sure a minimum level of security exists across multiple applications of systems and across different products.
Answer
| ||||
Подписаться на:
Комментарии (Atom)