1|Page
ITN 267 midterm ACTUAL VERIFIED EXAM
QUESTIONS AND CORRECT DETAILED ANSWERS
LATEST UPDATE THIS YEAR.pdf 1||NEWEST EXAM!!!
What is a mantrap? - Answer-A method to control access
to a secure area
What does a seal program verify? - Answer-That an
organization meets recognized privacy principles
What techniques are used to create a list of the web
pages that a computer user visits? - Answer-Clickstreams,
cookies, and web beacons
Which amendment protects against unreasonable
searches and seizures? - Answer-Fourth
Privacy refers to a person's right to control personal data. -
Answer-True
What is the source of legal authority for the U.S.
government? - Answer-The U.S. Constitution
,2|Page
Which of the following is not a privacy tort? - Answer-
Defamation
The OECD privacy protection guidelines contain
________ privacy principles. - Answer-8
Which principle means that an individual should be told
the reason for data collection before the data is collected?
- Answer-The purpose specification principle
What are the two types of cookies? - Answer-First-party
and third-party cookies
What is a web beacon? - Answer-A small, invisible
electronic file
Employer monitoring of employees in the workplace is
generally allowed. - Answer-True
To monitor telephone conversations, an employer must
use equipment provided by a phone system service
,3|Page
provider and have ________. - Answer-A legitimate
business reason
Why is biometric data unique? - Answer-It cannot easily be
changed.
Which of the following is not a people-based privacy
threat? - Answer-Web beacons
What are the goals of an information security program? -
Answer-Availability, integrity, and confidentiality
An employee can add other employees to the payroll
database. The same person also can change all employee
salaries and print payroll checks for all employees. What
safeguard should you implement to make sure that this
employee does not engage in wrongdoing? - Answer-
Separation of duties
An organization obtains an insurance policy against
cybercrime. What type of risk response is this? - Answer-
Risk transfer
, 4|Page
Which of the following is an accidental threat? - Answer-A
well-meaning employee who inadvertently deletes a file
What is the window of vulnerability? - Answer-The period
between the discovery of a vulnerability and mitigation of
the vulnerability
A technical safeguard is also known as a ________. -
Answer-Logical control
Which of the following is not a threat classification? -
Answer-Process
What information security goal does a DoS attack harm? -
Answer-Availability
Which of the following is an example of a model for
implementing safeguards? - Answer-ISO/IEC 27002
Which of the following is not a type of security safeguard?
- Answer-Defective
ITN 267 midterm ACTUAL VERIFIED EXAM
QUESTIONS AND CORRECT DETAILED ANSWERS
LATEST UPDATE THIS YEAR.pdf 1||NEWEST EXAM!!!
What is a mantrap? - Answer-A method to control access
to a secure area
What does a seal program verify? - Answer-That an
organization meets recognized privacy principles
What techniques are used to create a list of the web
pages that a computer user visits? - Answer-Clickstreams,
cookies, and web beacons
Which amendment protects against unreasonable
searches and seizures? - Answer-Fourth
Privacy refers to a person's right to control personal data. -
Answer-True
What is the source of legal authority for the U.S.
government? - Answer-The U.S. Constitution
,2|Page
Which of the following is not a privacy tort? - Answer-
Defamation
The OECD privacy protection guidelines contain
________ privacy principles. - Answer-8
Which principle means that an individual should be told
the reason for data collection before the data is collected?
- Answer-The purpose specification principle
What are the two types of cookies? - Answer-First-party
and third-party cookies
What is a web beacon? - Answer-A small, invisible
electronic file
Employer monitoring of employees in the workplace is
generally allowed. - Answer-True
To monitor telephone conversations, an employer must
use equipment provided by a phone system service
,3|Page
provider and have ________. - Answer-A legitimate
business reason
Why is biometric data unique? - Answer-It cannot easily be
changed.
Which of the following is not a people-based privacy
threat? - Answer-Web beacons
What are the goals of an information security program? -
Answer-Availability, integrity, and confidentiality
An employee can add other employees to the payroll
database. The same person also can change all employee
salaries and print payroll checks for all employees. What
safeguard should you implement to make sure that this
employee does not engage in wrongdoing? - Answer-
Separation of duties
An organization obtains an insurance policy against
cybercrime. What type of risk response is this? - Answer-
Risk transfer
, 4|Page
Which of the following is an accidental threat? - Answer-A
well-meaning employee who inadvertently deletes a file
What is the window of vulnerability? - Answer-The period
between the discovery of a vulnerability and mitigation of
the vulnerability
A technical safeguard is also known as a ________. -
Answer-Logical control
Which of the following is not a threat classification? -
Answer-Process
What information security goal does a DoS attack harm? -
Answer-Availability
Which of the following is an example of a model for
implementing safeguards? - Answer-ISO/IEC 27002
Which of the following is not a type of security safeguard?
- Answer-Defective
