Podcast
Questions and Answers
What type of control is a Computer Incident Response Team (CIRT)?
What type of control is a Computer Incident Response Team (CIRT)?
- Detection
- Response (correct)
- Prevention
- Protection
What is the primary function of authorization?
What is the primary function of authorization?
- Verifying user identities
- Scanning for malware
- Restricting access to system resources (correct)
- Monitoring network traffic
What is the goal of containment in an incident response process?
What is the goal of containment in an incident response process?
- To recover from the incident
- To eradicate the incident
- To identify the cause of the incident
- To prevent further damage from the incident (correct)
What is the first step in the attack process used by criminals?
What is the first step in the attack process used by criminals?
What is the primary function of a demilitarized zone (DMZ)?
What is the primary function of a demilitarized zone (DMZ)?
What is not a basic step in an incident response process?
What is not a basic step in an incident response process?
What is the primary purpose of identifying controls in a risk assessment?
What is the primary purpose of identifying controls in a risk assessment?
A company is considering implementing two control procedures to deal with a identified threat. What should be the primary consideration in deciding which control to implement?
A company is considering implementing two control procedures to deal with a identified threat. What should be the primary consideration in deciding which control to implement?
What is the type of computer attack that encrypts data and demands payment in exchange for the decryption key?
What is the type of computer attack that encrypts data and demands payment in exchange for the decryption key?
What is the concept of defense-in-depth?
What is the concept of defense-in-depth?
What is the term for a computer attack that captures data from information items as it travels over networks?
What is the term for a computer attack that captures data from information items as it travels over networks?
What is the primary purpose of continuous monitoring?
What is the primary purpose of continuous monitoring?
Which type of computer attack steals contact lists, images, and other data using Bluetooth?
Which type of computer attack steals contact lists, images, and other data using Bluetooth?
What is the purpose of verifying the validity of credit or debit card numbers during an online transaction?
What is the purpose of verifying the validity of credit or debit card numbers during an online transaction?
What should be the primary concern of information security?
What should be the primary concern of information security?
What is the primary consideration for a managerial concern in information security?
What is the primary consideration for a managerial concern in information security?
What is the key principle of the COBIT 5 framework?
What is the key principle of the COBIT 5 framework?
What is the term for a type of attack that takes place when you leave your phone's Bluetooth setting as discoverable and someone takes control of your phone and connects it to the Internet?
What is the term for a type of attack that takes place when you leave your phone's Bluetooth setting as discoverable and someone takes control of your phone and connects it to the Internet?
What is the purpose of aligning with other standards at a low level?
What is the purpose of aligning with other standards at a low level?
What is the primary focus of control activities in COSO's internal control model?
What is the primary focus of control activities in COSO's internal control model?
What is the structure of the ERM model developed by COSO?
What is the structure of the ERM model developed by COSO?
How does the ERM framework compare to the IC framework?
How does the ERM framework compare to the IC framework?
Which type of control is superior to others?
Which type of control is superior to others?
What can assist management in reconciling the conflict between creativity and control?
What can assist management in reconciling the conflict between creativity and control?
According to best practices, why should emergency changes be documented?
According to best practices, why should emergency changes be documented?
What is the purpose of change controls?
What is the purpose of change controls?
What is the most effective way for a firewall to protect the perimeter?
What is the most effective way for a firewall to protect the perimeter?
What is the primary risk associated with allowing employees to use personal portable devices to access corporate networks?
What is the primary risk associated with allowing employees to use personal portable devices to access corporate networks?
What is the term for modifying default configurations to turn off unnecessary programs and features to improve security?
What is the term for modifying default configurations to turn off unnecessary programs and features to improve security?
What is the term for a decoy system used to provide early warning that an insider or outsider is attempting to search for confidential information?
What is the term for a decoy system used to provide early warning that an insider or outsider is attempting to search for confidential information?
