Adequate Security and Administrative Controls

Questions and Answers

What is the primary objective of adequate security?

To implement only technical controls

To restrict access to all information

To prevent all possible risks

To ensure security commensurate with the risk and the magnitude of harm (correct)

What type of control typically involves policy and procedures?

Administrative control (correct)

Logical control

Physical control

Technical control

What is an example of an adverse event?

Network packet optimization

Execution of malicious code that destroys data (correct)

Successful login to a system

Regular system backup

What is the primary function of an application server?

Hosting applications to user workstations

What is the ability of computers and robots to simulate human intelligence and behavior?

Artificial intelligence

What is an example of an asset in an organization?

A company's building

What is the primary purpose of authentication?

To protect against fraudulent transmissions by establishing validity

What is a biometric?

A biological characteristic of an individual, such as a fingerprint

What is a breach?

Unauthorized access to personally identifiable information

What is the purpose of a Business Impact Analysis (BIA)?

To analyze system contingency requirements and priorities in the event of a disruption

What is the primary purpose of authorization?

To grant permission to access a system resource

What is a byte?

A unit of digital information that consists of eight bits