IT Certification Exam Questions
29 Questions
1 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

  • Supply a duress alarm for personnel exposed to the public
  • Hire a guard to protect the public area (correct)
  • Enclose the personnel entry area with polycarbonate plastic
  • Install mantraps at the building entrances
  • Which of the following is a PRIMARY element in achieving information security according to the principle of defense in depth?

  • People, technology, and operations (correct)
  • Certification, accreditation, and monitoring
  • Prevention, detection, and remediation
  • Development, testing, and deployment
  • What poses the GREATEST risk to data confidentiality?

  • Network redundancies are not implemented
  • Backup tapes are generated unencrypted (correct)
  • Security awareness training is not completed
  • Users have administrative privileges
  • From a data security perspective, what is the MOST important consideration when an organization plans to relocate?

    <p>Ensure fire prevention and detection systems are sufficient to protect personnel</p> Signup and view all the answers

    What is an essential measure to enhance personnel safety in public areas?

    <p>Establishing emergency response protocols</p> Signup and view all the answers

    Which factor contributes most significantly to preventing unauthorized access to sensitive information?

    <p>Implementing role-based access control measures</p> Signup and view all the answers

    Which destruction method provides the BEST assurance that data has been removed?

    <p>Shredding</p> Signup and view all the answers

    Aside from potential records viewed, what should be the PRIMARY concern regarding unauthorized access to a database with financial information?

    <p>Unauthorized database changes</p> Signup and view all the answers

    Which of the following is a detective access control mechanism?

    <p>Log review</p> Signup and view all the answers

    In the context of data destruction, what method is NOT typically used for ensuring data removal?

    <p>Knurling</p> Signup and view all the answers

    When considering student access to university resources from home, what approach would require the most effort from students but still enable access?

    <p>Purchasing VPN-capable routers</p> Signup and view all the answers

    What is the main purpose of ensuring that unauthorized persons cannot access the computers?

    <p>To ensure management knows what users are logged on</p> Signup and view all the answers

    Which method is effective for avoiding magnetic media data remanence?

    <p>Degaussing</p> Signup and view all the answers

    What is the MOST important purpose of testing the Disaster Recovery Plan (DRP)?

    <p>Validating the effectiveness of the plan</p> Signup and view all the answers

    Including a Trusted Platform Module (TPM) in a computer system design is a technique for achieving what?

    <p>Establish a secure initial state</p> Signup and view all the answers

    After completing a Business Impact Analysis (BIA), what should a security professional do next following BCP/DRP best practices?

    <p>Identify and select recovery strategies</p> Signup and view all the answers

    What is the PRIMARY purpose of a security awareness program?

    <p>Ensure that everyone understands the organization's policies and procedures.</p> Signup and view all the answers

    What is the primary goal of having a Disaster Recovery Plan (DRP) in place?

    <p>To enable the organization to recover from disasters efficiently</p> Signup and view all the answers

    What should Passive Infrared Sensors (PIR) used in a non-climate controlled environment do?

    <p>Automatically compensate for variance in background temperature.</p> Signup and view all the answers

    Why is documenting business processes important in Business Continuity Planning (BCP)?

    <p>Provides an understanding of the organization's interdependencies.</p> Signup and view all the answers

    What should individuals with access to the system do according to the text?

    <p>Sign Non-Disclosure Agreements (NDA).</p> Signup and view all the answers

    Why is it important to communicate that access to information will be granted on a need-to-know basis?

    <p>To restrict unnecessary access and protect sensitive information.</p> Signup and view all the answers

    What do Passive Infrared Sensors (PIR) detect in a non-climate controlled environment?

    <p>Objects of a specific temperature independent of the background temperature.</p> Signup and view all the answers

    What is the most likely cause of the inconsistent application of server security controls resulting in vulnerabilities on critical systems?

    <p>A lack of baseline standards</p> Signup and view all the answers

    What is the best first step for determining if the appropriate security controls are in place for protecting data at rest?

    <p>Conduct a risk assessment</p> Signup and view all the answers

    What should an organization ensure when outsourcing a portion of their IT organization to a third-party provider's facility?

    <p>The third party's physical security controls are in place and as rigorous as the original controls</p> Signup and view all the answers

    Which step should be taken first when classifying information?

    <p>Ensure information is labeled with appropriate sensitivity levels</p> Signup and view all the answers

    What is a common issue that can arise due to improper documentation of security guidelines?

    <p>Difficulty in enforcing security policies</p> Signup and view all the answers

    Why might host-based Intrusion Prevention System (HIPS) policies be ineffective in ensuring server security?

    <p>They lack integration with other security controls</p> Signup and view all the answers

    Use Quizgecko on...
    Browser
    Browser