devry SEC440 final exam 2105

Question # 00050772 Posted By: seekinghelp Updated on: 02/25/2015 10:18 AM Due on: 02/28/2015
Subject Urban Planning and Policy Topic General Urban Planning and Policy Tutorials:
Question
Dot Image

Page 1

Question 1.1. (TCO 1) A security policy must be accepted by (Points : 5)

management.

end-users.

customers.

all members of an organization.

Question 2.2. (TCO 2) What element of a security policy does the following phrase belong to? “This policy is established to achieve compliance with applicable statutes, regulations, and mandates regarding the management of information resources.” (Points : 5)

The statement of authority

The policy statement

The policy objectives

The policy audience

Question 3.3. (TCO 3) Which is the process of accumulating data regarding a specific logical or physical environment? (Points : 5)

Footprinting

Scanning

Enumeration

All of the above

Question 4.4. (TCO 4) Which of the following information about a person can be used to influence a hiring decision? (Points : 5)

Educational credentials

Negative credit history

Relevant certifications

All of the above

Question 5.5. (TCO 5) Why is it sometimes better to isolate critical equipment than it is to apply additional protective measures, in order to protect against exposure to greater hazards or risks from unauthorized access? (Points : 5)

Management requests it.

There is less risk involved.

It can be less costly.

Regulators prefer it.

Question 6.6. (TCO 5) A security perimeter is (Points : 5)

the widest imaginary circle around a facility.

a barrier of protection.

the field around which security alarms can monitor activity.

None of the above

Question 7.7. (TCO 6) Logging, as it pertains to media removal, is only needed when (Points : 5)

the media are paper based.

it is outsourced.

it is handled in-house.

It is always needed.

Question 8.8. (TCO 7) Prohibiting access to information not required for one’s work is the (Points : 5)

access need concept.

need-to-monitor concept.

need-to-know concept.

required information process concept.

Question 9.9. (TCO 8) Output validation is (Points : 5)

verifying that a piece of code does not have any inherent vulnerabilities.

making sure that employees know what information to enter in a new system.

testing an application system by entering all kinds of character strings in the provided fields.

testing what information an application system returns when information is entered.

Question 10.10. (TCO 9) This test subjects a system or device to real-world attacks. (Points : 5)

Audit

Penetration test

Assessment

Interview

Question 11.11. (TCO 10) As it pertains to HIPAA, which is a covered entity? (Points : 5)

A medical patient protected by HIPAA

A healthcare provider who must be compliant with HIPAA

A healthcare provider who does NOT have to be compliant with HIPAA

A medical patient NOT protected by HIPAA

Question 12.12. (TCO 10) Which of the following standards includes monitoring failed log-ons? (Points : 5)

Access Control

Audit Controls

Device and Media Controls

Integrity Controls

Question 13.13. (TCO 11) Which government agency is in charge of developing technical security standards and guidelines for unclassified federal systems, according to FISMA? (Points : 5)

The OMB

NIST

The OCS

The NSA

Question 14.14. (TCO 11) Transmitting ePHI in e-mail is not recommended because (Points : 5)

e-mail is usually in clear text.

e-mail can be forwarded.

Both A and B

Neither A nor B

Question 15.15. (TCO 12) Attaching an unauthorized wireless network to the corporate network is considered (Points : 5)

a major breach in network security and a violation of the security policy.

a major breach in network security but not a violation of the security policy.

a violation of the security policy but not a major breach in network security.

neither a major breach in network security nor a violation of the security policy.

Question 16.16. (TCO 12) A strong password is at least how many characters? (Points : 5)

5

6

7

8

Question 17.17. (TCO 1) A policy that secures and protects assets from foreseeable harm and provides flexibility for the unforeseen is (Points : 5)

accurately reflecting the current technology environment.

complying with applicable government policy.

the best goal for a new policy.

approved by management and understood by everyone.

Question 18.18. (TCO 2) Which of the following should you strive for in the policy statement, in order to have a well-written policy? (Points : 5)

Contain areas that address every aspect of operations and information and every area affecting the organization’s information assets.

Spell check the document to avoid typographical errors.

Include applicable standards, guidelines, and procedures within the policy document.

Describe everything in layman’s terms so that it is clear the policy is a statement of everyone’s intent.

Question 19.19. (TCO 3) When it comes to information security, what is labeling the primary vehicle for? (Points : 5)

Communicating the sensitivity level

Communicating the access controls

Enforcing the access controls

Auditing the access controls

Question 20.20. (TCO 5) In the context of information security, environmental security would refer to all of the following except (Points : 5)

design and construction of facilities.

configuration of wireless access points.

where equipment is stored.

how and where people move.

Page 2

Question 1. 1. (TCO 3) Explain and contrast the core information security concepts of confidentiality, integrity, and availability. (Points : 40)

Question 2. 2. (TCO 8) Describe the steps a system development team could take to make sure security features are designed into newly developed systems, and explain why this is important to an organization. (Points : 40)

Question 3. 3. (TCO 10) Describe and explain the HIPAA Security Rule. (Points : 40)

Question 4. 4. (TCO 12) What should every small business do to ensure that it is secure? (Points : 40)

Dot Image
Tutorials for this Question
  1. Tutorial # 00047939 Posted By: seekinghelp Posted on: 02/25/2015 10:19 AM
    Puchased By: 4
    Tutorial Preview
    The solution of devry SEC440 final exam 2105...
    Attachments
    devry_sec440_finale_xam.docx (15.98 KB)
    Recent Feedback
    Rated By Feedback Comments Rated On
    hip...eder Rating Easy to understand tutorials 05/21/2015
    o...t Rating Gives best advice and strategies 11/22/2015

Great! We have found the solution of this question!

Whatsapp Lisa