Exam (elaborations)
Principles of Information Security 7th Edition by Whitman and Mattord
- Course
- Institution
- Book
Principles of Information Security 7th Edition by Whitman and Mattord
[Show more]
Connected book
Book Title:
Author(s):
- Edition:
- ISBN:
- Edition:
More summaries for
-
INSTRUCTOR MANUAL Principles of Information Security 7th Edition By Whitman all chapters
-
Instructor Manual Principles of Information Security, 7th Edition by Michael E.Whitman (Complete Chapters)
-
Whitman and Mattord, Principles of Information Security 7th Edition, Verified Module 1 - 12, Complete Newest Version
Seller
Follow
kushboopatel6867
Reviews received
Content preview
TEST BANK For Principles of Information Security 7thEdition by Whitman and Mattord
Which of the following acts is also widely known as the Gramm-Leach-Bliley Act? -
ANSWER: Financial Services Modernization Act
_________ assigns a status level to employees to designate the maximum level of
classified data they may access. - ANSWER: security clearance scheme
____ is any technology that aids in gathering information about a person or
organization without their knowledge. - ANSWER: Spyware
__________ law regulates the structure and administration of government agencies
and their relationships with citizens, employees, and other governments. - ANSWER:
Public
Complete loss of power for a moment is known as a ____. - ANSWER: fault
The goals of information security governance include all but which of the following?
1) Regulatory compliance by using information security knowledge and
infrastructure to support minimum standards of due care
2) Strategic alignment of information security with business strategy to support
organizational objectives
3) Risk management by executing appropriate measures to manage and mitigate
threats to information resources
4) Performance measurement by measuring, monitoring, and reporting information
security governance metrics to ensure that organizational objectives are achieved -
ANSWER: Regulatory compliance by using information security knowledge and
infrastructure to support minimum standards of due care
The _________ control strategy that attempts to eliminate or reduce any remaining
uncontrolled risk through the application of additional controls and safeguards. -
ANSWER: defense
A single loss ____________________ is the calculation of the value associated with
the most likely loss from an attack. - ANSWER: expectancy
, The Health Insurance Portability and Accountability Act Of 1996, also known as the
__________ Act, protects the confidentiality and security of health care data by
establishing and enforcing standards and by standardizing electronic data
interchange. - ANSWER: Kennedy-Kessebaum
__________ is an estimate of how many times per year you expect a specific type of
attack to occur. - ANSWER: ARO
Incident ____________________ is the process of examining a potential incident, or
incident candidate, and determining whether or not that candidate constitutes an
actual incident. - ANSWER: classification
As frustrating as viruses and worms are, perhaps more time and money is spent on
resolving virus ____________________. - ANSWER: hoaxes
A(n) ________ plan is a plan for the organization's intended strategic efforts over the
next several years. - ANSWER: tactical
__________ is a strategy for the protection of information assets that uses multiple
layers and different types of controls (managerial, operational, and technical) to
provide optimal protection. - ANSWER: Defense in depth
________often function as standards or procedures to be used when configuring or
maintaining systems. - ANSWER: SysSPs
The SETA program is a control measure designed to reduce the instances of
__________ security breaches by employees. - ANSWER: accidental
A methodology for the design and implementation of an information system that is a
formal development strategy is referred to as a __________. - ANSWER: systems
development life cycle
__________ was the first operating system to integrate security as its core functions.
- ANSWER: MULTICS
A computer is the __________ of an attack when it is used to conduct an attack
against another computer. - ANSWER: subject
The transfer of large batches of data to an off-site facility, usually through leased
lines or services, is called ____. - ANSWER: electronic vaulting
The ________is based on and directly supports the mission, vision, and direction of
the organization and sets the strategic direction, scope, and tone for all security
efforts. - ANSWER: EISP (Enterprise Information Security Policy)
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller kushboopatel6867. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $17.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
78310 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now