Security and Risk Management: Awareness Program and Risk Assessment
15 Questions

Questions and Answers

What control can Alyssa put in place to protect against the risk of outdated content in her organization’s security awareness program?

  • Computer-based training
  • Live training
  • Gamification
  • Content reviews (correct)

In Gavin's report to management, what term best describes the current level of risk to the organization after adopting security controls?

  • Inherent risk
  • Residual risk (correct)
  • Control risk
  • Mitigated risk

Which law governs the actions that Francine must take regarding the copyright claim she received?

  • Lanham Act
  • Gramm-Leach-Bliley Act
  • Digital Millennium Copyright Act (correct)
  • Copyright Act

What law governs the actions that Francine must take regarding the copyright claim she received?

  • Digital Millennium Copyright Act

Which law governs actions related to copyright claims for online service providers?

  • Digital Millennium Copyright Act

What is the term for the level of risk remaining after security controls have been implemented?

  • Residual risk

Under the General Data Protection Regulation (GDPR), which requirement for processing personal information states that individuals may request that their data no longer be disseminated or processed?

  • The right to be forgotten

After conducting a qualitative risk assessment of her organization, Sally recommends purchasing cybersecurity breach insurance. What type of risk response behavior is she recommending?

  • Transfer

Which one of the following elements of information is not considered personally identifiable information that would trigger most United States (U.S.) state data breach laws?

  • Student identification number

Renee is speaking to her board of directors about their responsibilities to review cybersecurity controls. What rule requires that senior executives take personal responsibility for information security matters?

  • Personal liability rule

Henry recently assisted one of his co-workers in preparing for the CISSP exam. During this process, Henry disclosed confidential information about the content of the exam, in violation of Canon IV of the Code of Ethics: 'Advance and protect the profession.' Who may bring ethics charges against Henry for this violation?

  • Any certified or licensed professional may bring charges.

Wanda is working with one of her organization’s European Union business partners to facilitate the exchange of customer information. Wanda’s organization is located in the United States. What would be the best method for Wanda to use to ensure GDPR compliance?

  • Standard contractual clauses

Yolanda is the chief privacy officer for a financial institution and is researching privacy requirements related to customer checking accounts. Which one of the following laws is most likely to apply to this situation?

  • GLBA

Tim’s organization recently received a contract to conduct sponsored research as a government contractor. What law now likely applies to the information systems involved in this contract?

  • FISMA

Chris is advising travelers from his organization who will be visiting many different countries. What is a potential concern that Chris should advise the travelers about regarding cybersecurity?

  • Increased risk of identity theft
