FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 12: Information Security Maintenance

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 1

Essay

Review LaterAdd Note

Review Later

List the four steps to developing a CM plan.

Correct Answer

verified

The four steps in developing t...

View Answer

Show Answer

Question 2

Multiple Choice

Review LaterAdd Note

Review Later

The __________ vulnerability assessment is designed to find and document vulnerabilities that may be present in the organization's wireless local area networks.

A)  wireless
B)  phone-in 
C)  battle-dialing
D)  network

Correct Answer

verified

Show Answer

Question 3

True/False

Review LaterAdd Note

An effective information security governance program requires constant change. _________________________

When possible, major incident response plan elements should be rehearsed. _________________________

CERT stands for "computer emergency recovery team." _________________________

Proven cases of real vulnerabilities can be considered vulnerability ____________________.

__________ allows for major security control components to be reviewed on a periodic basis to ensure that they are current, accurate, and appropriate.

__________, a level beyond vulnerability testing, is a set of security tests and evaluations that simulate attacks by a malicious external source (hacker) .

An intranet vulnerability scan starts with the scan of the organization's default Internet search engine.

Digital ___________ is a crime against or using digital media, computer technology, or related components; in other words, a computer is the source of the crime or the object of it.

The __________ Web site and list site seclists.org is home to the leading free network exploration tool, Nmap.

The ____________________ vulnerability assessment is designed to find and document vulnerabilities that may be present in the organization's wireless local area networks.

In an online or __________ data acquisition, forensic investigators use network-based tools to acquire a protected copy of the information.

The NIST SP 800-100 Information Security Handbook provides technical guidance for the establishment and implementation of an information security program. _________________________

__________ are a component of the security triple.

A general guideline for performance of hard drives suggests that when the amount of data stored on a particular hard drive averages 95% of available capacity for a prolonged period, you should consider an upgrade for the drive.

An attacker's use of a laptop while driving around looking for open wireless connections is often called war ____________________.

Inventory characteristics for hardware and software assets that record the manufacturer and versions are related to technical functionality, and should be highly accurate and updated each time there is a change.

The __________ is a statement of the boundaries of the RA.

In some instances, risk is acknowledged as being part of an organization's business process.