ISSC 471 Quiz 2 QUESTIONS AND ANSWERS
Part 1 of 1 - 15.0 Points
Question 1 of 15
Points
Within the LAN-to-WAN Domain, what connects two or more separate networks?
A. switch
B. router
C. server
D. MPLS
Answer Key: B
Question 2 of 15
Points
The PCI DSS standard is used for the _____ type of industry.
A. insurance
B. payment card
C. health care
D. government
Answer Key: B
Question 3 of 15
Points
What are the internal codes of ethics often called?
A. Internal CEs
B. Employer driven codes of ethics
C. Regulation driven codes of ethics
D. Professional association driven codes of ethics
Answer Key: B
Question 4 of 15
Points
Using a VPN solution allows for choices such as IPSec, L2F, and GRE. What are these?
A. Encapsulating protocols
B. User security
C. Policies
D. Applications
Answer Key: A
Question 5 of 15
Points
There are two main types of attacks that may originate from within your organization: internal attacks on your organization and _____.
A. internal attacks on you
B. internal to external attacks on another organization
C. external attacks on your organization
D. internal attacks on top management
Answer Key: B
Question 6 of 15
Points
The ultimate goal is to define access control where each user has the permission to carry out assigned tasks and nothing else. This is called the _____.
A. user process
B. principle of least privilege
C. principle of AUP process
D. access controls
Answer Key: B
Question 7 of 15
Points
One formal method to control the software development life cycle is _____.
A. software configuration management
B. secure configuration management
C. hardware application management
D. software application management
Answer Key: A
Question 8 of 15
Points
The IIA provides audit-related certifications, including _____.
A. CISM
B. CISA
C. CIA
D. ISACA
Answer Key: C
Question 9 of 15
Points
Which one of the following strategies is used for encrypting data to send to remote users?
A. Application data encryption
B. Network data encryption
C. Server data encryption
D. Not possible
Answer Key: A
Question 10 of 15
Points
This code has Integrity, Objectivity, Confidentiality, and Competency as its core principles. What professional code is this?
A. ISSP
B. CIA
C. IIA
D. HIPAA
Answer Key: C
Question 11 of 15
Points
COBIT stands for _____.
A. Control Objectives for Information and Related Technology
B. Common Objects for Information and Technology
C. Control Objects for Information Technology
D. Common Objectives for Information and Technology
Answer Key: A
Question 12 of 15
Points
Many organizations use an RACI matrix to document tasks and the personnel responsible for the assignments. RACI stands for _____, _____, consulted, and informed.
A. responsible, accountable
B. required, accepted
C. response, accepted
D. response, accountable
Answer Key: A
Question 13 of 15
Points
When hiring personnel, you should communicate your organization’s security policy clearly. The employee’s or contractor’s _____ is a common document that accomplishes this task.
A. user policy
B. user agreement
C. confidential agreement
D. access agreement
Answer Key: C
Question 14 of 15
Points
The GIAC Certification is based on over three dozen exam certification objectives. What does GIAC stand for?
A. Global Information Assurance Certification
B. General Information Assurance Certification
C. Gold Information Assurance Certification
D. Guideline Information Assurance Certification
Answer Key: A
Question 15 of 15
Points
How can you maintain a System/Application Domain?
A. OS patch management
B. Application patch management
C. Domain management
D. Both a and b options are correct
Answer Key: D