1. ________ affects the performance of specific
a. Awareness b. Incentive c. Motivation d. Training
2. The _______ is the well-defined set of steps that a
system developer follows in the development and maintenance of an information
d. System development lifecycle
3. Instead of being motivated by a desire to prove their art, hackers today by _______ and
a. Financial loss b. Reputation c. Financial gain d. Notoriety
4. ______ are typically composed of all the physical items that might need to be factored into the protection scheme, including all equipment and other physical property.
a. Audits b. Comparisons c. References d. Baselines
5. The _____ is responsible for the evaluation of the
effectiveness of the procurement function in ensuring the security of all
a. SCO b. OCS c. COS
6. The ______ develops the necessary control set to ensure that risks to personal data are
a. Privacy specialist b. Incident specialist c. Control specialist d. Threat
7. Criterion-based access control is typically implemented by means of a pre-programmed _______
list b. Access control list c. Discretionary list d. Access authorization list
8. The problem with protecting information is that it is
nothing more than _______ for something of value in the real world.
a. Parasite b. Analog c. Process d. Substitute
9. _______ can ensure that the money that is invested in security provides the maximum benefit for the outlay.
a. Strategic evaluations b. Focused evaluations c. Stressed evaluations d. Cost-based
10. In the world of business, the most common model for
access control is _________
a. RBAC b. MAC c. DAC
11. Data recovery ______ provide a hardware and software
environment that is compatible with conditions of the primary site, as well as
the most recent backup of the data.
a. Cold site b. Warm sites c. Hot sites d. Procedures
12. ______ has been achieved if the level of the organization's community understanding and discourse is raised.
a. Motivation b. Accountability c. Recognition d. Maintenance
13. In the case of a(n) ________ incident, the aim of response management is to ensure that the nature of the incident is understood in as timely a fashion as possible, and the last possible response is deployed.
a. Expected b.
14. ________ are defects in applications and system software
that can be exploited by a threat.
a. Threats b. Vulnerabilities c. Risks d. Patches
15. For _______ reporting purposes, the privacy specialist is also accountable to maintain ongoing and effective communications with key
a. Control b. Compliance c. Mitigation d. Performance
16. ______ connect a network to a common resource such as
a. Switches b. Proxies c. Routers d. Firewalls
17. Key _______ indicators provide a description of the outcome of each control activity, and each key goal must be measurable.
a. Performance b. Goal c. Risk d. Acceptance
18. _________ functionality is almost always put in the code
that way for a malicious reason
a. Hidden b. Direct c. Required d. Observable
19. The processes that are followed by each organizational
unit amount to __________
a. Operating Instructions b. Control Instructions c. Standard Operating Procedure d. Operational Standard
20. All of the behaviors that the creators of the EBK deemed necessary to ensure fundamentally proper security were categorized into __________ competency areas.
a. 10 b. 12 c. 14 d. 16
21. The most frequently used method to identify hidden
vulnerabilities is a __________
a. Code Execution b. Design review c. Code Inspection d. Sandbox
22. _________ can be created to record use and even keystroke
a. System Logs b. Application Logs c. Specialized Logs d. User Logs
23. The Enterprise continuity competency has the required
functional perspective of __________
a. Manage, Design b. Manage c. Manage, Design, Evaluate d. Manage, Evaluate
24. The process of _______ typically involves the generation
of a forensically sound copy of the evidence for the purpose of analysis.
a. Data access b. Data collection c. Data retention d. Data classification
25. The EBK specifies that the ________ capacity must encompass organizational data in all forms of representation (electronic and hard copy) and it applies throughout the life cycle of that data.
a. Management of data security b. Design of data security c. Function of data security d. Design of data security
26. __________ is the second step in the process of
implementing a formal compliance process.
a. Risk Discovery b. Risk Tolerance c. Risk mitigation d. Risk assessment
27. ________ allow users who are outside the physical
boundaries of the network to access the network and its resources.
a. Remote access b. Acceptable use c. Data security d. Encryption
28. ______ is highly detail-oriented and requires a roadmap of policies and procedures that is designed to ensure maximum compliance with a wide range of rules and regulations.
a. Chain of evidence b. Chain of Ownership c. Chain of custody d. Chain of use
29. _______ are commonly accepted means of confirming the proper functioning of a given entity.
a. Audits b. Reviews c. Assessments d. Tests
30. _______ are meant to optimize the cost risks factors for
information that would be lost.
a. Checkpoints b. Restore points c. Recovery points d. Back up points
31. Analysis of EBK standard produced ________ critical work
a. 14 b. 35 c. 41
32. _______ defines the requirements that will underlie how separation of duties and least privilege will be assigned, and it underwrites the enforcement of individual accountability.
a. Scanning b. Screening c. Treating d. Reviewing
33. The ________ sets a specific period of time to retain
each record type, after which that particular record is erased from the system
or archived in places that are difficult to access.
a. Data access policy b. Data security policy c. Data retention policy d. Data loss policy
34. The _______ of a piece of information might be derived from the importance of the idea or criticality of the decision, or it can represent simple things like your bank account number.
a. Value b. Cost c. Effectiveness d. Assessment
35. ________ is the principle that, without continuous upkeep, a well-organized process will tend to fall apart
a. Process entropy b. System entropy c. Collective entropy d. Partial entropy
36. ________ is implemented by a formal, organization-wide physical security plan.
a. Logical security protection b. Virtual security protection c. Physical security protection d. Tangible security protection
37. The ________ plan defines the behaviors that the organization thinks will satisfy the EBK recommendation regarding the design and implementation of common functions that are part of each competency area.
a. Design and implementation b. Evaluation c. Assessment d. Management
38. The regulatory and standards compliance competency has
the required functional perspective of ___
a. Manage, Design b. Manage c. Manage, Design, Evaluate d. Manage, Evaluate
39. The definitions for the functional areas are listed in
________ of the EBK
a. Section 4.0 b. Section 4.1 c. Section 4.2 d. Section 4.3
40. The ________ is the person who is ultimately responsible for ensuring that the products and security that are purchased by the IT function are trustworthy
a. Security architect b. CISCO c. CCIO d. Security engineer
41. Every personnel security strategy has to specify the ________ that will be used to ensure the disciplined behavior of all participants in the process
a. Process and standard b. Process and procedures c. Policies and procedures d. Standards
42. In a ______, the review team is led through the deliverable by the designer or the programmer
a. Walkthrough b. Review c. Test d. Certification
43. In order to maintain _______, it is important to obtain the appropriate authorization from the right manager
a. Chain of process b. Chain of custody c. Chain of direction d. Chain of command
44. _____ simply means that the same actions taken by different people would still produce the same result
a. Repudiation b. Reproducibility c. Integrity d. Authenticity
45. It is the responsibility of ______ to ensure a continuous understanding of the company’s threat risk situation
a. Executive b. Compliance c. Security of operations d. Digital forensics
46. The audit activity at each stage revolves around either preparing or reviewing
a. Audit results b. Audit requirements c. Audit controls d. Audit documentation
47. The effectiveness of the work instruction has to be able to be ____ in order to ensure its consistently effective performance
a. Predicted b. Assessment c. Invested d. Investigated
48. The components of the governance process are called ________ because they enforce specifics
b. Risk c. Gates d. Mortgages
49. _______ include storage sources such as static means
a. Logical media b. Visual media c d. Virtual media
50. Digital operations are often _______