CSIS 340 Final Exam.Questions and Answers.Liberty University

CSIS 340 Final Exam.Questions and Answers.Liberty University The _____ domain connects an organizations private network to the Internet? To promote cultural change, the goal should be to make security policies _____? Without _____ sponsorship, users will be less likely to eagerly participate in awareness training. What needs do organizations have to classify data? The Security Compliance Committee _____? Web Services policies would be an example of _____ domain. Production data should be _____ before being used in a test environment? Which of the following includes guidelines under the LAN domain policies? Which of the following is a common cause of security breaches? What is a strong indicator that awareness training is not effective? Baseline standards for the LAN domain would include _____. Which of the following is not an organizational challenge when implementing security policies? The ______________ model was the first model developed to address the concerns of integrity. Originally published in 1977 _____ occurs when you manipulate or trick a person into weakening the security of an organization? Data in transit refers to what type of data? Simple security policy awareness requires that _____ report suspicious activity? A business impact analysis requires an impact report, component reliance, and a _____. _____ techniques can provide a security baseline for full operating systems and applications? A _____ standard describes the requirements for obtaining a domain name for use by external parties? A(n) _____ has an easier time bypassing security controls and hiding his or her tracks by deleting or altering logs and time stamps. _____ typically have the technical skills to make critical recommendation on how to stop an attack. Why should a security policy implementation be flexible to allow for updates? Two-factor authentication is a typical control used by employees to remotely access which of the following? It is necessary to retain data for what major reasons? A _____ is the first step in building a business continuity plan (BCP) to minimize losses. Security policy enforcement can include _____? _____ protects data at rest from all type of breaches. Once security policies are established, line management must _____ ? Outdated application controls place a greater reliance on _____? The following documents help capture domain security control requirements? The ________________ model uses mandatory access control to enforce the DoD multilevel security policy. Generally, an Acceptable Use Policy should outline _____? A _____ is a specialized group of people whose purpose is to respond to major incidents. Which of the following should be in an information response team charter? A(n) ______ ensures workers are conscious of security risks and how to deal with unexpected risk. Without a policy that leads to controls that restrict employees from installing their own software on a company workstation, a company could suffer which of the following consequences? Good reasons to monitor worker’s computer activities are when ______? A _____ is a common control that is used across a significant population of systems? Employer response to an employee posting company passwords on their social network site should include _____? Security experts consider _____ the weakest link in security. A malicious _____ attack uses viruses, worms, Trojan horses, and scripts to gain access to systems, applications, and data. You can use a _____ process to grant temporary elevated rights. The following organization has offered reliable security policies in the past to help organizations develop proper infrastructure policies. _____ are especially useful for identifying unauthorized changes. The Risk Management Continuous Improvement Model includes _____? The signs of an incident can be _____? _____ determines how quickly a business process should be recovered. A privileged-level access agreement (PAA) is designed to heighten the awareness and accountability of? ______ software is capable of capturing usernames, passwords, and websites visited on a local workstation? A _____ can identify hosts on a network and determine services running on the hosts