MISY 5325 FINAL EXAM QUESTIONS WITH
CORRECT ANSWERS NEWLY MODIFIED
GRADED A+ TESTED AND APPROVED LATEST
UPDATE
A subject should be granted access to an object only if the access is
needed to carry out the job of the subject is called __ --CORRECT
ANSWER--Need To Know
A(n) __ cage is often built out of a mesh of conducting material that
prevents electromagnetic energy from entering into or escaping from
the cage --CORRECT ANSWER--Faraday
A(n) ___ is composed of policies, plans, procedures, and people
codify management directives --CORRECT ANSWER--Incident
response team
A(n) __ is any observable occurrence in a system or network --
CORRECT ANSWER--Event
Page 1 of 91
,A(n) __ is composed of policies, plans, procedures, and people codify
management directives --CORRECT ANSWER--Incident response
team
Access __ are security features that govern how users and processes
communicate and interact with systems and resources --CORRECT
ANSWER--controls
Access controls can be technical or administrative but never physical
--CORRECT ANSWER--False
An identification scheme, an authentication method, and an
authorization model are the three common attributes of all access
controls --CORRECT ANSWER--True
An incident response team must have several basic policies and
procedures in place to operate satisfactorily, including the following
EXCEPT: --CORRECT ANSWER--information security
As described in NIST Special Publication 800-87, collection is
typically performed in a slow manner because of the likelihood of
losing static data --CORRECT ANSWER--False
Page 2 of 91
,As described in NIST Special Publication 800-87, examinations
involve forensically processing large amounts of collected data using
a combination of automated and manual methods to assess and extract
data of particular interest, while preserving the integrity of the data --
CORRECT ANSWER--True
As described in NIST Special Publication 800-87, the process for
performing digital forensics includes ALL EXCEPT: --CORRECT
ANSWER--triage
__ are a list of specific outcomes of technical and/or management
activities --CORRECT ANSWER--subcategories
__ are senior-level personnel who have the crisis management and
communication skills, experience, knowledge, and stamina to manage
an incident --CORRECT ANSWER--Designated incident handlers
(DIHs)
__ forensic evidence is information in digital form found on a wide
range of endpoint, server, and network devices --CORRECT
ANSWER--Digital
Page 3 of 91
, __ forensic evidence can take many forms, depending on the
conditions of each case and the devices from which the evidence was
collected --CORRECT ANSWER--Cybersecurity
__ group the elements of a function into collections of cybersecurity
outcomes --CORRECT ANSWER--Categories
__ is a carefully selected and well-trained team of professionals that
provides services throughout the incident life cycle --CORRECT
ANSWER--Incident response team(IRT)
__ is the application of science to the identification, collection,
examination, and analysis of data while preserving the integrity of the
information --CORRECT ANSWER--forensics
__ is the process of assigning authenticated subjects the permission to
carry out a specific operation --CORRECT ANSWER--Authorization
__ is the process of the subject supplying an identifier to the object --
CORRECT ANSWER--Identification
Page 4 of 91
CORRECT ANSWERS NEWLY MODIFIED
GRADED A+ TESTED AND APPROVED LATEST
UPDATE
A subject should be granted access to an object only if the access is
needed to carry out the job of the subject is called __ --CORRECT
ANSWER--Need To Know
A(n) __ cage is often built out of a mesh of conducting material that
prevents electromagnetic energy from entering into or escaping from
the cage --CORRECT ANSWER--Faraday
A(n) ___ is composed of policies, plans, procedures, and people
codify management directives --CORRECT ANSWER--Incident
response team
A(n) __ is any observable occurrence in a system or network --
CORRECT ANSWER--Event
Page 1 of 91
,A(n) __ is composed of policies, plans, procedures, and people codify
management directives --CORRECT ANSWER--Incident response
team
Access __ are security features that govern how users and processes
communicate and interact with systems and resources --CORRECT
ANSWER--controls
Access controls can be technical or administrative but never physical
--CORRECT ANSWER--False
An identification scheme, an authentication method, and an
authorization model are the three common attributes of all access
controls --CORRECT ANSWER--True
An incident response team must have several basic policies and
procedures in place to operate satisfactorily, including the following
EXCEPT: --CORRECT ANSWER--information security
As described in NIST Special Publication 800-87, collection is
typically performed in a slow manner because of the likelihood of
losing static data --CORRECT ANSWER--False
Page 2 of 91
,As described in NIST Special Publication 800-87, examinations
involve forensically processing large amounts of collected data using
a combination of automated and manual methods to assess and extract
data of particular interest, while preserving the integrity of the data --
CORRECT ANSWER--True
As described in NIST Special Publication 800-87, the process for
performing digital forensics includes ALL EXCEPT: --CORRECT
ANSWER--triage
__ are a list of specific outcomes of technical and/or management
activities --CORRECT ANSWER--subcategories
__ are senior-level personnel who have the crisis management and
communication skills, experience, knowledge, and stamina to manage
an incident --CORRECT ANSWER--Designated incident handlers
(DIHs)
__ forensic evidence is information in digital form found on a wide
range of endpoint, server, and network devices --CORRECT
ANSWER--Digital
Page 3 of 91
, __ forensic evidence can take many forms, depending on the
conditions of each case and the devices from which the evidence was
collected --CORRECT ANSWER--Cybersecurity
__ group the elements of a function into collections of cybersecurity
outcomes --CORRECT ANSWER--Categories
__ is a carefully selected and well-trained team of professionals that
provides services throughout the incident life cycle --CORRECT
ANSWER--Incident response team(IRT)
__ is the application of science to the identification, collection,
examination, and analysis of data while preserving the integrity of the
information --CORRECT ANSWER--forensics
__ is the process of assigning authenticated subjects the permission to
carry out a specific operation --CORRECT ANSWER--Authorization
__ is the process of the subject supplying an identifier to the object --
CORRECT ANSWER--Identification
Page 4 of 91
