Questions and Answers
Which of the following is NOT one of the three major concerns for physical security in order of importance?
- Equipment
- Access control (correct)
- Personnel
- Data
Which of the following is NOT one of the three main kinds of physical security measures?
- Preventative
- Reactive (correct)
- Detective
- Deterrent
Why would you want to use RAID?
- To improve network security
- To increase the speed of data access
- To reduce the amount of storage space required
- To copy data to more than 1 storage device to protect the data if any one device is destroyed (correct)
Which of the following is NOT a step in a typical risk management process at a high level?
Why is confidentiality important in data security?
Why is authenticity a risk in data security?
Why is assessing risks an important step in risk management?
Which category of controls protects the physical environment in which systems sit or where data is stored?
Which category of controls enables prevention of unauthorized activities?
True or False: A vulnerability without a matching threat constitutes a risk.
True or False: A threat without a matching vulnerability constitutes a risk.
What are measures put in place to account for each threat called?
What are the three categories of controls mentioned in the text?
True or False: If logical controls are implemented properly and successful, an attacker or unauthorized user can still access applications and data without subverting controls.
What is the term used to describe an attacker or unauthorized user accessing applications and data without subverting controls?