5 Written questions
5 Matching questions
- data classification scheme
- Computer Fraud and Abuse Act
- a Many corporations use a _____ to help secure the confidentiality and integrity of information.
- b _____ plans usually include all preparations for the recovery process, strategies to limit losses during the disaster, and detailed steps to follow when the smoke clears, the dust settles, or the floodwaters recede.
- c The formal decision-making process used when considering the economic feasibility of implementing information security controls and safeguards is called a(n) _____.
- d The National Information Infrastructure Protection Act of 1996 modified which Act?
- e The _____ model consists of six general phases.
5 Multiple choice questions
- The actions an organization can and perhaps should take while an incident is in progress should be specified in a document called the _____ plan.
- The _____ Portability and Accountability Act of 1996, also known as the Kennedy-Kassebaum Act, protects the confidentiality and security of health care data by establishing and enforcing standards and by standardizing electronic data interchange.
- _____ controls address personnel security, physical security, and the protection of production inputs and outputs.
- Part of the logical design phase of the SecSDLC is planning for partial or catastrophic loss. _____ dictates what steps are taken when an attack occurs.
- In most common implementation models, the content filter has two components: _____
5 True/False questions
Packet-filtering → _____ firewalls examine every incoming packet header and can selectively filter packets based on header information such as destination address, source address, packet type, and other key information.
distributed denial-of-service → "4-1-9" fraud is an example of a _____ attack.
PKI → ICMP uses port _____ to request a response to a query and can be the first indicator of a malicious attack.
(United States, Germany, Japan)
NONE OF THE ABOVE → An information system is the entire set of _____, people, procedures, and networks that make possible the use of information resources in the organization.
cold → Web hosting services are usually arranged with an agreement providing minimum service levels known as a(n) _____.