AC.L1-3.1.1 requires that all employees must have administrative access to all information systems. -
✔✔False. AC.L1-3.1.1 requires limiting information system access to authorized users only, not granting
administrative access to all.
AC.L1-3.1.1 mandates that only authorized users, processes, and devices should have access to
information systems. - ✔✔True
AC.L1-3.1.2 allows users to alter their access permissions whenever needed to ensure workflow
continuity. - ✔✔False. AC.L1-3.1.2 ensures that users can only perform authorized transactions and
functions, which includes not allowing them to alter their own permissions.
AC.L1-3.1.2 requires implementing access controls that restrict access to system functions and data
based on users' roles and responsibilities. - ✔✔True
AC.L1-3.1.20 suggests using unsecured external connections to facilitate easier access for remote users.
- ✔✔False. AC.L1-3.1.20 requires that external connections be approved, monitored, and periodically
reviewed for security.
AC.L1-3.1.20 mandates the use of secure methods, such as VPNs and encrypted connections, for
external access to information systems. - ✔✔True
AC.L1-3.1.22 requires that sensitive information be posted on public websites to ensure transparency. -
✔✔False. AC.L1-3.1.22 requires controlling the dissemination of public information to prevent
unauthorized release of sensitive information.
AC.L1-3.1.22 involves reviewing and approving information before it is made publicly available. -
✔✔True
IA.L1-3.5.1 permits the use of shared user accounts as long as the accounts are monitored. - ✔✔False.
IA.L1-3.5.1 requires unique user IDs and strong identity verification, not shared accounts.
, IA.L1-3.5.1 requires each user to have a unique identifier to track system access and actions accurately. -
✔✔True
IA.L1-3.5.2 recommends using simple and easily memorable passwords for authentication. - ✔✔False.
IA.L1-3.5.2 emphasizes the use of strong, complex passwords and other authentication methods.
MP.L1-3.8.3 allows electronic storage media to be discarded without any special procedures if it no
longer works. - ✔✔False. MP.L1-3.8.3 requires secure disposal methods such as physical destruction or
secure wiping of data.
MP.L1-3.8.3 requires organizations to securely wipe or destroy electronic storage media before disposal.
- ✔✔True
PE.L1-3.10.1 mandates that physical access to information systems should be limited to authorized
individuals. - ✔✔True
PE.L1-3.10.1 allows unrestricted access to all employees to ensure operational efficiency. - ✔✔False.
PE.L1-3.10.1 emphasizes limiting physical access to authorized individuals only.
PE.L1-3.10.3 requires visitors to be granted unrestricted access to all areas within the facility. - ✔✔False.
PE.L1-3.10.3 requires visitors to be escorted and monitored within restricted areas.
PE.L1-3.10.3 involves escorting visitors at all times and maintaining logs of their entry and exit. -
✔✔True
PE.L1-3.10.4 suggests that maintaining physical access logs is unnecessary for security purposes. -
✔✔False. PE.L1-3.10.4 requires maintaining physical access logs to track and monitor access to sensitive
areas.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through EFT, credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying this summary from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller VasilyKichigin. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy this summary for R239,18. You're not tied to anything after your purchase.