yvfno
Asked: May 27th, 2013

Question Description


1. What is the primary weakness of a rate-of-rise temperature detector when used as a fire detection device?
There are no weaknesses
It consumes a great deal more power
It will not work if there is a power outage
The fire has to be somewhat advanced before it will be detected

2. What is the most likely consequence of not having a formal process for information assurance?
Data will be lost
Understanding of the contents of the asset base will be lost
Profits will be significantly reduced
New information may be lost

3. Who assigns a user's rights to data in a discretionary access control model?
The user of the data
The Chief Information Officer (CIO)
The owner or manager of the data
The creator of the data

4. What is the purpose of risk analysis?
To identify all potential threats
To assign probabilities to each of the potential threats
To assign a cost to each of the potential threats
To understand all of the implications of the threat picture

5. Why is it necessary to determine if a prospective hire for a sensitive position has a vulnerability from their past?
The vulnerability always shows a weakness of character
The vulnerability makes them more vulnerable to potential blackmail
The vulnerability can be exploited in order to force them to work harder
The vulnerability may be a violation of a company policy

6. The value of a corrective action is dependent upon:
The value of the information asset
The cost of delivering the corrective action
The ability to deliver the corrective action in sufficient time
The person delivering the corrective action

7. Which of the following is the appropriate order for the first four steps in developing a control set?
Organization set-up, asset identification and baselining, asset valuation, risk analysis
Organization set-up, selection of the control set, asset identification and baselining, asset valuation
Organization set-up, asset identification and baselining, asset valuation, selection of the control set
Organization set-up, asset identification and baselining, risk analysis, asset valuation

8. How many phases are there to a DITSCAP evaluation?
3
4
5
6

9. In a Role-Based Access Control model, users of information are granted permission to access the data based on what criteria?
The duties that they are to perform
Their security clearance
Their position in the organizational hierarchy
Whether they own the data or not

10. Which of the following is NOT a constraint in the development of assurance policies?
Legal
Managerial
Ethical
Business

11. How many different categories or levels of risk are commonly used in an information assurance program?
Two - low and high
Three - low, medium, and high
Four - none, low, medium, and high
Five - none, low, medium, high, and critical

12. What is the concept of separation/duplication of duties?
Where complex jobs are split among more than one person
Where no critical function can be executed by a single person
Where redundant jobs are created so that there is a guarantee that the job will be done
Where two or more groups are required to work in isolation and forbidden to discuss their tasks with each other

13. Which of the following sequences represents the information assurance control environments, moving from the inside out?
Technical control environment, management control environment, operational control environment
Technical control environment, operational control environment, management control environment
Management control environment, technical control environment, operational control environment
Management control environment, operational control environment, technical control environment

14. Which of the following is NOT part of the final report from an audit?
A list of the persons responsible for any non-conformance discovered
The purpose and scope of the audit
Audit targets
Evaluation criteria

15. What is the role of an assurance specification?
It documents how an information assurance policy was designed
It documents why a specific information assurance policy exists
It documents how the organization validates the execution of an assurance function
It documents the consequences of not following an information assurance function

16. Which of the following is NOT a phase in a DITSCAP evaluation?
Definition
Verification
Validation
Retrospective

17. What is the definition of the feasibility of an information assurance task?
The probability that the task can be accomplished
The probability that the task will not be accomplished
A measure of the consequences of the task not being done
A measure of the consequences of the task being done

18. Which of the following is NOT a specification to communicate the steps to ensure an end-to-end information assurance process?
Specification of the consequences of non-compliance
Specification of management practices
Specification of operations practices
Specification of assurance and accountability practices

19. Which of the following is NOT one of the disaster response countermeasures?
Planning
Awareness
Anticipation
Preparation

20. Which of the following is NOT a factor in establishing a secure space?
Location
Access
Control
Personnel issues

21. What are the three levels of controls provided by monitors?
Detection, a record of events, recognition
Detection, recognition, identification
Recognition, a record of events, identification
Detection, identification, a record of events

22. What is the only feasible response to issues regarding human factors?
Have people attend regular training sessions
Having a coherent and explicit definition of acceptable behavior
Give people enough flexibility in their responses so that there is no resentment on their part
Require people to monitor each other and encourage them to report any deviations from the security rules

23. What is the order of the elements in the information assurance pyramid from base to peak?
People, operations, technology
Technology, people, operations
Technology, operations, people
People, technology, operations

24. Which of the following is the most commonly used financial factor when evaluating a countermeasure?
Return on investment (ROI)
Revenue change
Change in expenses
Change in net profit

25. Which of the following is NOT a factor of a properly functioning reference monitor?
Completeness
Isolation
Verifiability
Integrity

This question has not been answered.
