Saint COM510 final exam

November 17, 2015

Question

Question 1. Which of the following is a subprocess of the unfreezing process in Lewin’s change model? (Points : 5)

cognitive redefinition
realization that a new method is the best way
creation of psychological safety or overcoming learning anxiety
imitation and positive or defensive identification with a role model

Question 2. A _____ is an example of the “something you are” authentication mechanism. (Points : 5)

fingerprint
password
smart card
signature pattern recognition

Question 3. A security technician usually reports to a person with a ____ level of authority. (Points : 5)

CIO
CFO
CEO
CISO

Question 4. The ____ certification program is an option for individuals who wish to take the CISSP or SSCP exams before obtaining the requisite experience for certification. (Points : 5)

TICSA
SCP
MCSE
(ISC)² Associate

Question 5. _____ allow only specific packets with a particular source, destination, and port address to pass through. (Points : 5)

dynamic packet filtering firewalls
packet filtering firewalls
stateful inspection firewalls
application-level firewalls

Question 6. The analysis team presents its proposed mitigation plans to the _____ group. (Points : 5)

information technology
senior management
information security
middle management

Question 7. _____ is the third generation of firewalls. (Points : 5)

stateful inspection firewall
application-level firewall
dynamic packet filtering firewall
packet filtering firewalls

Question 8. The _____ team is involved in the operational area management knowledge process. (Points : 5)

middle managers
senior managers
information security
independent consultants

Question 9. ____ work on special projects for organizations, and are self-employed people with their own contractual obligations and security requirements. (Points : 5)

Consultants
Contractors
Business partners
Temporary workers

Question 10. _____ is the most critical success factor for security risk evaluations. (Points : 5)

selecting the analysis team
scoping the OCTAVE Method
getting senior management sponsorship
selecting participants

Question 11. The ____ is a division of the NSA, and provides a wide variety of information security solutions for cyber defense. (Points : 5)

IAD
NIPC
FBI
CIA

Question 12. In a cost-benefit analysis, the _____ is the value to the organization of using controls to prevent losses associated with a specific vulnerability. (Points : 5)

cost
benefit
loss expectancy
asset value

Question 13. Deliberate software attacks include worms, denial of service, macros, and ____. (Points : 5)

unknown loopholes
piracy
bugs
viruses

Question 14. The Public Company Accounting Reform and Investor Protection Act demands that the CEO and ____ assume direct and personal accountability for the completeness and accuracy of a publicly traded organization’s financial reporting and record-keeping systems. (Points : 5)

CIO
CISO
CFO
COO

Question 15. _____ is the primary and dominant cryptographic authentication and encryption framework for security development within the TCP/IP family of protocol standards. (Points : 5)

Secure Hypertext Transfer Protocol
Secure Shell
IP Security
Secure Sockets Layer

Question 16. An information security project wrap-up is usually a procedural task that would be assigned to a ____ staff member or an information security manager. (Points : 5)

low-level
COO
mid-level
CIO

Question 17. Which of the following is not an example of a disaster recovery plan? (Points : 5)

data recovery procedures
reestablishment of lost service procedures
information gathering procedures
shut down procedures

Question 18. In keeping with the requirements of the Public Company Accounting Reform and Investor Protection Act, the executives in an organization rely on the expertise of the ____ to ensure that the systems used to report and record information are sound. (Points : 5)

COO
CISO
CFO
Comptroller

Question 19. _____ technical controls defend against threats from outside of the organization. (Points : 5)

security planning
policy and law
education and training
firewall

Question 20. A(n) _____ is a valuable tool in managing an intrusion detection system. (Points : 5)

port scanner
agent
firewall
consolidated enterprise manager

Question 21. In the US military classification scheme, ____ refers to information assets that would adversely affect US national interests if lost, misused, or made available to sources with unauthorized access. (Points : 5)

Confidential Data
Sensitive But Unclassified
Top Secret Data
Secret Data

Question 22. Which of the following is NOT part of the Implementing Controls phase of the Microsoft Security Risk Management program? (Points : 5)

seek holistic approach
organize by defense-in-depth
develop risk scorecard
all of these are part of this phase

Question 23. Enacted in 1999, the Gramm-Leach-Bliley Act addresses ____ issues. (Points : 5)

banking
trade secrets
cryptography
privacy

Question 24. Which of the following is a software asset type? (Points : 5)

test equipment
custom application
networking devices
desktops

Question 25. When it is developed, the CIFI body of knowledge is expected to cover ____. (Points : 5)

traceback
information security governance
response management
risk management

Question 26. Which law governs the federal agency use of personal information? (Points : 5)

The Telecommunications Deregulation and Competition Act of 1996
Computer Security Act of 1987
USA Patriot Act of 2001
Federal Privacy Act of 1974

Question 27. ____ should not be allowed to wander freely in and out of buildings. (Points : 5)

Consultants
Business partners
Service contractors
Temporary workers

Question 28. Which of the following is a domain of the CompTIA Security+ exam? (Points : 5)

general security concepts
business risk management
IS audit process
disaster recovery and business continuity

Question 29. Which access controls are structured and coordinated with a data classification scheme? (Points : 5)

mandatory access controls
discretionary access controls
role-based controls
nondiscretionary controls

Question 30. The ____ was enacted to prevent abuse of information while employed elsewhere. (Points : 5)

Electronic Communications Privacy Act of 1986
Public Company Accounting Reform and Investor Protection Act of 2002
Economic Espionage Act of 1996
Financial Services Act of 1999

Question 31. In phase 3 of the OCTAVE Method, the creation of mitigation plans occurs during the _____ process. (Points : 5)

development of a protection strategy
risk analysis
creation of threat profiles
identification of key components

Question 32. The identification of a system of interest occurs during the _____. (Points : 5)

identification of relative priorities
identification of key components
creation of threat profiles
evaluation of selected components

Question 33. Which of the following characteristics currently used for authentication purposes is not considered truly unique? (Points : 5)

fingerprints
iris
retina
ID Cards

Question 34. Which of the following best describes the incident response plan? (Points : 5)

actions undertaken by an organization during an attack
recovery preparations
step-by-step rules to regain normalcy
strategies to limit business losses before and during a disaster

Question 35. _____ firewalls are simple network devices that examine all incoming and outgoing packet headers, selectively allowing or rejecting packets. (Points : 5)

packet filtering
stateful inspection
DMZ
proxy

Question 36. Which of the following is a responsibility of an information security department manager? (Points : 5)

offering technical information security consulting services to network administrators
running vulnerability identification software packages
preparing post-mortem analyses of information security breaches
training Access Control System administrators to set up firewalls

Question 37. Which official determines which package best serves the needs of the organization? (Points : 5)

VP of Human Resources
CFO
CIO or CISO
COO

Question 38. _____ are software programs or hardware/software appliances that allow administrators to restrict content that comes into a network. (Points : 5)

port scanners
packet sniffers
vulnerability scanners
content filters

Question 39. From Schwartz et al., information security positions can be categorized as those that define, those that build, and those that ____. (Points : 5)

implement
design
administer
operate

Question 40. _____ is a biometric authentication system that is considered to be least secure. (Points : 5)

keystroke pattern recognition
signature recognition
retina pattern recognition
fingerprint recognition
