Question
QUESTION 11 1. To be sure your security awareness training policy is effective, it should state the __________ with only the minimal detail, and rely
QUESTION 11
1. To be sure your security awareness training policy is effective, it should state the __________ with only the minimal detail, and rely on standards or guidelines for the __________.
A. why; how
B. how; why
C. what; why
D. how; what
QUESTION 12
1. Security awareness training policies should be written in such a way that they:
A. never need to be reviewed.
B. never need to be updated.
C. need regular review and updates.
D. wont need frequent updates.
QUESTION 13
1. To be sure your security awareness training policy is effective, the policys revision, approval, and distribution should:
A. be initiated by top management.
B. remain a secret.
C. be documented.
D. be known only to IT personnel.
QUESTION 14
1. Which of the following statements is true regarding security awareness training policy after the policy is approved?
A. It is usually sufficient to simply give a new employee a few minutes to read and sign a policy during orientation.
B. Policy understanding sessions can ensure that employees understand the policys reasoning and necessity.
C. Policy understanding sessions should be uniform, not be customized for particular employees.
D. There is typically no need for repeat sessions to reinforce the security awareness training policy.
QUESTION 15
1. Opening e-mails and unknown e-mail attachments, which can lead to malicious software and codes, is a risk that is typically found in the:
A. LAN Domain.
B. LAN-to-WAN Domain.
C. User Domain.
D. Workstation Domain.
QUESTION 16
1. Which of the following risks is typically found in the User Domain?
A. Software vulnerabilities
B. Humans and human nature
C. Network vulnerabilities
D. Unauthorized access to equipment
QUESTION 17
1. Dealing with employee apathy toward __________ is a risk that is typically found in the User Domain.
A. information systems security policy
B. operating system software vulnerabilities
C. application software vulnerabilities
D. using USB drives containing personal data on company computers
QUESTION 18
1. Implementing an e-mail filtering and quarantining system that examines embedded URL links inside e-mails and examines unknown file attachments in e-mails would be a security control to mitigate risks in the:
A. LAN Domain.
B. LAN-to-WAN Domain.
C. User Domain.
D. Workstation Domain.
QUESTION 19
1. Operating system software vulnerabilities and application software vulnerabilities are risks and threats that are typically found in the:
A. LAN Domain.
B. LAN-to-WAN Domain.
C. User Domain.
D. Workstation Domain.
QUESTION 20
1. Implementing content filtering and intrusion detection/intrusion prevention systems at the Internet ingress/egress as well as disabling system administration rights on user workstations are strategies that can be used for preventing users from:
A. downloading and installing unauthorized applications and software onto organization-owned IT assets.
B. inserting CDs, DVDs, and USB drives with personal data onto organization-owned IT assets.
C. accessing the Internet and surfing the Web.
D. clicking on unknown e-mail attachments and files.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Database Programming With Visual Basic .NET
Authors: Carsten Thomsen
2nd Edition
1590590325, 978-1590590324
