100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Principles of Information Security 7th Edition by Whitman and Mattord $17.99   Add to cart

Exam (elaborations)

Principles of Information Security 7th Edition by Whitman and Mattord

 5 views  0 purchase
  • Course
  • Institution
  • Book

Principles of Information Security 7th Edition by Whitman and Mattord

Preview 2 out of 11  pages

  • September 6, 2024
  • 11
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
avatar-seller
TEST BANK For Principles of Information Security 7th
Edition by Whitman and Mattord



Which of the following acts is also widely known as the Gramm-Leach-Bliley Act? -
ANSWER: Financial Services Modernization Act

_________ assigns a status level to employees to designate the maximum level of
classified data they may access. - ANSWER: security clearance scheme

____ is any technology that aids in gathering information about a person or
organization without their knowledge. - ANSWER: Spyware

__________ law regulates the structure and administration of government agencies
and their relationships with citizens, employees, and other governments. - ANSWER:
Public

Complete loss of power for a moment is known as a ____. - ANSWER: fault

The goals of information security governance include all but which of the following?

1) Regulatory compliance by using information security knowledge and
infrastructure to support minimum standards of due care

2) Strategic alignment of information security with business strategy to support
organizational objectives


3) Risk management by executing appropriate measures to manage and mitigate
threats to information resources


4) Performance measurement by measuring, monitoring, and reporting information
security governance metrics to ensure that organizational objectives are achieved -
ANSWER: Regulatory compliance by using information security knowledge and
infrastructure to support minimum standards of due care

The _________ control strategy that attempts to eliminate or reduce any remaining
uncontrolled risk through the application of additional controls and safeguards. -
ANSWER: defense

A single loss ____________________ is the calculation of the value associated with
the most likely loss from an attack. - ANSWER: expectancy

, The Health Insurance Portability and Accountability Act Of 1996, also known as the
__________ Act, protects the confidentiality and security of health care data by
establishing and enforcing standards and by standardizing electronic data
interchange. - ANSWER: Kennedy-Kessebaum

__________ is an estimate of how many times per year you expect a specific type of
attack to occur. - ANSWER: ARO

Incident ____________________ is the process of examining a potential incident, or
incident candidate, and determining whether or not that candidate constitutes an
actual incident. - ANSWER: classification

As frustrating as viruses and worms are, perhaps more time and money is spent on
resolving virus ____________________. - ANSWER: hoaxes

A(n) ________ plan is a plan for the organization's intended strategic efforts over the
next several years. - ANSWER: tactical

__________ is a strategy for the protection of information assets that uses multiple
layers and different types of controls (managerial, operational, and technical) to
provide optimal protection. - ANSWER: Defense in depth

________often function as standards or procedures to be used when configuring or
maintaining systems. - ANSWER: SysSPs

The SETA program is a control measure designed to reduce the instances of
__________ security breaches by employees. - ANSWER: accidental

A methodology for the design and implementation of an information system that is a
formal development strategy is referred to as a __________. - ANSWER: systems
development life cycle

__________ was the first operating system to integrate security as its core functions.
- ANSWER: MULTICS

A computer is the __________ of an attack when it is used to conduct an attack
against another computer. - ANSWER: subject

The transfer of large batches of data to an off-site facility, usually through leased
lines or services, is called ____. - ANSWER: electronic vaulting

The ________is based on and directly supports the mission, vision, and direction of
the organization and sets the strategic direction, scope, and tone for all security
efforts. - ANSWER: EISP (Enterprise Information Security Policy)

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller kushboopatel6867. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $17.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

81113 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$17.99
  • (0)
  Add to cart