The_________________________is the American contribution to an international effort to reduce the impact of copyright, trademark, and privacy infringement, especially when accomplished via the removal of technological copyright protection measures.
Digital Millennium Copyright Act (DMCA)
Guidelines that describe acceptable and unacceptable emplyee behaviors in the workpalce are known as __________.
The secret Service is chard with the detection and arrest of any person committing a United States federal offense relating to computer fraud and false identification crimes.
Thirty-four countries have ratified the European Council Cyber-Crime Convention as of April 2010.
Laws and policies and their associated penalites only dter if which of the following conditions is present?
a) Fear of penalty
b) Probablity of being caught
c) Probability of penalty being adminstered
d) All the above *
Individuals with authorization and privileges to manage information within the organization are most likely to cause harm or damage______.
Which of the following countries reported generally intolerant attitudes toward personal use of organizational computing resources?
The ______of 1999 provides guidance on the use of encryption and provides protection from government intervention.
Security and Freedom through Encryption Act
A(n) _______is an authorization issued by an organization for the repair, modifcation, or update of a piece of equipment.
In the U.S. military classfication scheme, ______data is any information or material the unauthorized disclosure of which reasonalby could be expected to cause damage to the national security.
The formal decision making process used when considering the economic feasibility of omplementing information security controls and sfeguards is called a(n)__________.
Leaving unattended computers on is one of the top information security mistakes made by individuals.
The ___________security policy is planning document that outlines the process of implementing security in the organization.
Technical controls are the tactical and technical implementations of security in the organization.
The ISSP sets out the requirements that must be met by the information security blueprint or framework.
A policy should sate that if employess violate a company policy, or an law using company technologies, the company will protect them, and the company is liable for the employee's actions.
Incident damage _______is the rapid determination of the scope of the breach of the confidentiality, integrity, and availability of information and infromation assets during or just following an incident.
___________controls cover security porcesses that are designed by strategic planners and implemented by the secruity administration of the organization.
in recent years, the broadband router devices that can function as packet-filtering firewalls have enhanced to combine the features of ________.
A ________filtering firewall can react to an emergent event and update or create rules to deal with the event.
In __________mode, the data within an IP packet encrypted, but the header information is not.
A (n) is "a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of tunneling protocol and security procedures.
The dominant architecture used to secure network acces today is the _______firewall.
The proxy server is often placed in an usecured area of the network or is placed in the _____zone.
One encryption method made popular by spy movies involves using the text in a book as the key to decrypt a message.
The most popluar version of____________involves hiding information within files that contain digital pictures or other images.
________is an integrated system of software, encryption, methodologies, protocols, legal agreements, and third-pary services that enables users to communicate securely.
The number of horizontal and vertical pixels captured and recorded is known as the images_____.
There are very few qualified and profssional agencies that provide physical security sonsulting and services.
________sprinklers are the newest form of sprinkler system and rly on the ultra-fine mists instead of traditionalshower-typer systems.
Interior walls reach only part way to the next floor, which leaves a space above the cieling of the offices but below the top of the storey. This space is called a(n) __________.
_______occurs when an authorized person presents a key to open a door, and other people, who may or may not be authorized to enter.
In general the design phase is accomplished by changing the configuration and operation of the organizations's information systems to make them more secure.
The date for sending the final RFP to vendors is considerd a(n), because it signals that all RFP prepartion work is complete.
The organization should integrate the security awarennes education inot a new hire's ongoing jobe oreintation and make it a part of every employee's on-the-job training.
To maintain a secure facility , all contract employess should be escoretd from room to room, as well as inot and out of the facility.
_________are often involved in national security and cyber-security taks and move from those enviroments into the more buiness-oriented world of information security.
The breadth and depth covered in each of the domains makes the _____one of the most difficult -to-attain certifications on the market.
_____is a cornerstone in the protection of information assets and in the prevention of financial loss.
Separation of duties
_______are hired by the organization to serve in a temporary position or to supplement the existing workforce.
Organizations are not required by law to protect employess information that is sensitive or personal.
If an organization deals successfully with change and has created procedures and systems that can be adjusted to the enviorment, the existing secruity improvement program will probably contine to work well.
An effective security program demands comprehensive and continous understanding of program and system configuration.
External monitoring entails collecting intelligence from various data sources and then giving that intelligence context and meaning for use by decision makers with the organization.
Overt time external monitoring processes should capture information about the the external enviroment in a format that can be referenced both across the organization as threats emrge and for historical use.
The characterstics concerned with manufactuer and software versions are about tehchnical functionality, and they should be kept highl accurate and up-to-date
All telephone numbers controlled buy an organization should be tested for modem vulnerability, unless the configuration of the phone equipment on premises can assure that no number can be dialed from the worldwide telephone system.
Remediation of vulnerabilites can be accompolished by accepting or transferring the rise, removing the threat, or repairing the vulnerablity.