Chapter 1 Assessment Flashcards Preview

Fundamentals of Information Systems Security > Chapter 1 Assessment > Flashcards

Flashcards in Chapter 1 Assessment Deck (15)
1

Information security is specific to securing information,
whereas information systems security is
focused on the security of the systems that house
the information.

True

2

Software manufacturers limit their liability when
selling software using which of the following?

End-User License Agreements

3

The __________ tenet of information systems security
is concerned with the recovery time objective.

Availability

4

If you are a publicly-traded company or U.S. federal government agency, you must go public and announce that you have had a data breach and must inform the impacted individuals of that
data breach.

True

5

Organizations that require customer service representatives to access private customer data can best protect customer privacy and make
it easy to access other customer data by using which of the following security controls?

Blocking out customer private data details
and allowing access only to the last four
digits of Social Security numbers or account
number

6

The __________ is the weakest link in an IT
infrastructure.

User Domain

7

Which of the following security controls can help
mitigate malicious email attachments?

All of the above --

A. Email filtering and quarantining
B. Email attachment antivirus scanning
C. Verifying with users that email source is
reputable
D. Holding all inbound emails with unknown
attachments

8

You can help ensure confidentiality by implementing __________.

A virtual private network for remote access

9

Encrypting email communications is needed if
you are sending confidential information within
an email message through the public Internet.

True

10

Using security policies, standards, procedures,
and guidelines helps organizations decrease
risks and threats.

True

11

A data classification standard is usually part of
which policy definition?

Asset protection policy

12

A data breach is typically performed after which
of the following?

Unauthorized access to systems and application is obtained

13

Maximizing availability primarily involves minimizing __________.

All of the above --
A. The amount of downtime recovering from a
disaster
B. The mean time to repair a system or application
C. Downtime by implementing a business continuity plan
D. The recovery time objective

14

Which of the following is not a U.S. compliance
law or act?

PCIDS

15

Internet IP packets are to cleartext what encrypted IP packets are to __________.

Ciphertext