Fundamentals of Information Systems Security Chapter 1 Assessment


15 Terms

1
Information security is specific to securing information, whereas information systems security is focused on the security of the systems that house the information.

True

2
Software manufacturers limit their liability when selling software using which of the following?

End-User License Agreements

3
The __________ tenet of information systems security is concerned with the recovery time objective.

Availability

4
If you are a publicly traded company or U.S. federal government agency, you must go public and announce that you have had a data breach and must inform the impacted individuals of that data breach.

True

5
Organizations that require customer service representatives to access private customer data can best protect customer privacy and make it easy to access other customer data by using which of the following security controls?

Blocking out customer private data details and allowing access only to the last four digits of Social Security numbers or account number

6
The __________ is the weakest link in an IT infrastructure.

User Domain

7
Which of the following security controls can help mitigate malicious email attachments?

All of the above:

A. Email filtering and quarantining

B. Email attachment antivirus scanning

C. Verifying with users that email source is reputable

D. Holding all inbound emails with unknown attachments

8

You can help ensure confidentiality by implementing __________.

A virtual private network for remote access

9
Encrypting email communications is needed if you are sending confidential information within an email message through the public Internet.

True

10
Using security policies, standards, procedures, and guidelines helps organizations decrease risks and threats.

True

11
A data classification standard is usually part of which policy definition?

Asset protection policy

12
A data breach is typically performed after which of the following?

Unauthorized access to systems and application is obtained

13
Maximizing availability primarily involves minimizing __________.

All of the above:

A. The amount of downtime recovering from a disaster

B. The mean time to repair a system or application

C. Downtime by implementing a business continuity plan

D. The recovery time objective

14
Which of the following is not a U.S. compliance law or act?

PCIDS

15

Internet IP packets are to cleartext what encrypted IP packets are to __________.

Ciphertext