PRACTICE TEST B-UCERTIFY
Question 1 : Which of the following is a process of
shifting the risk to a third party, together with
the ownership of the response?
✓ Risk transference
Q:
Question 2 : Which of the following terms related
to risk management represents the estimated
frequency at which a threat is expected to occur?
✓ Annualized Rate of Occurrence (ARO)
Q:
Question 3 : Which of the following is used to
ensure that standardized methods and procedures are
used for efficient handling of all modifications?
✓ Change management
Q:
Question 4 : Sharon is revising the acceptable use
policies for her company. Her instructions are to
have a comprehensive acceptable use policy, but to
focus on acceptable use only, and not other types
of policies, such as privacy, security, and so on.
What is the primary focus of an acceptable use
policy?
✓ To outline appropriate use of computer
equipment and services
Q:
Question 5 : You are responsible for the network
security of a company. You have reviewed the
acceptable use policy and found that it is very
thorough. What factors might make it difficult to
enforce?
Each correct answer represents a complete solution.
Choose all that apply.
✓ If not all employees are required to read
and sign
✓ If it is not clear or uses technical
jargon an average person might
not understand
✓ If it is not applied consistently
throughout the organization
✓ If it is not clear on what the penalties
for violation are
Q:
Question 6 : Which of the following policies
contains rules for creating user accounts and
passwords?
✓ Security policies
Q:
Question 7 : Which method should you adopt to
create awareness among new employees about the
security policies of the organization?
✓ Tell about the security policies during
the induction program for new employees.
Q:
Question 8 : Which of the following is a security
benefit of mandatory vacations?
✓ Detecting fraud
Question 9 : Which of the following sets intervals
at which employees must switch their positions?
✓ Job rotation
Q:
Question 10 : Denish is the IT manager for an
insurance company. He has decided that when an
employee leaves the company, all network access
will be cancelled the same day. What type of
control is this?
✓ Operational
Q:
Question 11 : Jennifer is a security administrator
for her company. Management is very concerned about
intruders. In response to that concern, Jennifer
has decided to utilize an Intrusion Prevention
System. How might this cause a problem for legitimate
system users?
✓ A false positive could shut down
legitimate communications.