Question: Acceptable action and practice can be obtained from:
a. Baseline study
b. Policy
c. Audit
d. Monitoring
Solution: Policy
Question: The one that should have the most on-the-field skills in a security team is the:
a. Chief Executive Officer
b. Chief Information Security Officer
c. Security manager
d. Security technician
Solution: Security technician
Question: The following can be used for background checks for prospective employee EXCEPT:
a. Social media presence
b. Lecturer's recommendation letter
c. Parent's phone call verification
d. Medical information history
Solution: Parent's phone call verification
Question: Which of the following could BEST describe the importance of job or task rotation from security perspective
a. Sharing responsibility of doing the job among employees
b. Ease the burden of the employee from being responsible for one task in a long time
c. Prevent corruption of having too much control over a task
d. Jobs or tasks can be done much faster and more efficient
Solution: Prevent corruption of having too much control over a task
Question: The following are related to EXTERNAL Environment EXCEPT
a. Public network
b. Vendors
c. Virus and malware
d. Employee
Solution: Employee
Question: If you want to check for malware and virus activity in a network, which log will you look at?
a. Event log
b. Entry log
c. Access log
d. Manager's log
Solution: Event log
Question: The following are related to INTERNAL monitoring EXCEPT:
a. Organization's network
b. Cross site scripting threat
c. Office's software patches !
d. Security awareness
Solution: Cross site scripting threat
Question: Change management is important when implementing new security control because
a. It was described in the security model and must be followed
b. It involves changes affecting people and technicalities of doing things
c. It involves risk assessment to identify asset, threat and risk for an information asset
d. It addresses the cost benefit analysis to be presented to the management
Solution: It involves changes affecting people and technicalities of doing things
Question: Which of the following could best describe the reason why organization must omit job description that
describe access privileges?
a. The information is not important for the job being offered
b. It might leak possible guesses of interview questions based on the information
c. It reveals access level and possible control related to those privileges
d. Prospective employee could demand more pay when looking at the information
Solution: It reveals access level and possible control related to those privileges
Question: Which of the following is related to CHANGE MANAGEMENT
a. External Monitoring
b. Cost Benefit Analysis
c. Risk Assessment
d. IT Governance
Solution: IT Governance
No comments:
Post a Comment