Questions and Answers
What is the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?
Hire a guard to protect the public area
Which of the following is a PRIMARY element in achieving information security according to the principle of defense in depth?
People, technology, and operations
What poses the GREATEST risk to data confidentiality?
Backup tapes are generated unencrypted
From a data security perspective, what is the MOST important consideration when an organization plans to relocate?
Signup and view all the answers
What is an essential measure to enhance personnel safety in public areas?
Signup and view all the answers
Which factor contributes most significantly to preventing unauthorized access to sensitive information?
Signup and view all the answers
Which destruction method provides the BEST assurance that data has been removed?
Signup and view all the answers
Aside from potential records viewed, what should be the PRIMARY concern regarding unauthorized access to a database with financial information?
Signup and view all the answers
Which of the following is a detective access control mechanism?
Signup and view all the answers
In the context of data destruction, what method is NOT typically used for ensuring data removal?
Signup and view all the answers
When considering student access to university resources from home, what approach would require the most effort from students but still enable access?
Signup and view all the answers
What is the main purpose of ensuring that unauthorized persons cannot access the computers?
Signup and view all the answers
Which method is effective for avoiding magnetic media data remanence?
Signup and view all the answers
What is the MOST important purpose of testing the Disaster Recovery Plan (DRP)?
Signup and view all the answers
Including a Trusted Platform Module (TPM) in a computer system design is a technique for achieving what?
Signup and view all the answers
After completing a Business Impact Analysis (BIA), what should a security professional do next following BCP/DRP best practices?
Signup and view all the answers
What is the PRIMARY purpose of a security awareness program?
Signup and view all the answers
What is the primary goal of having a Disaster Recovery Plan (DRP) in place?
Signup and view all the answers
What should Passive Infrared Sensors (PIR) used in a non-climate controlled environment do?
Signup and view all the answers
Why is documenting business processes important in Business Continuity Planning (BCP)?
Signup and view all the answers
What should individuals with access to the system do according to the text?
Signup and view all the answers
Why is it important to communicate that access to information will be granted on a need-to-know basis?
Signup and view all the answers
What do Passive Infrared Sensors (PIR) detect in a non-climate controlled environment?
Signup and view all the answers
What is the most likely cause of the inconsistent application of server security controls resulting in vulnerabilities on critical systems?
Signup and view all the answers
What is the best first step for determining if the appropriate security controls are in place for protecting data at rest?
Signup and view all the answers
What should an organization ensure when outsourcing a portion of their IT organization to a third-party provider's facility?
Signup and view all the answers
Which step should be taken first when classifying information?
Signup and view all the answers
What is a common issue that can arise due to improper documentation of security guidelines?
Signup and view all the answers
Why might host-based Intrusion Prevention System (HIPS) policies be ineffective in ensuring server security?
Signup and view all the answers
