CIS 462 Midterm Exam Answers


Upload: rosalynstjohn

Post on 17-Aug-2015


DESCRIPTION

CIS 462 Midterm Exam Answers http://www.projbid.com/downloads/cis-462-midterm-exam-answers/

(1) The use of encryption and digital signatures helps ensure that what was transmitted is the same as what was received. Which of the following is assured?
(2) Which of the following is not one of the four domains of the COBIT framework for ISS management?
(3) What is the primary goal of business process reengineering?
(4) Passwords and biometrics are most closely associated with which of the following?
(5) What does COBIT stand for?
(6) Which of the following is optional, and sets the parameters within which the others can be used?
(7) Which of the following is not true of segmented networks?
(8) You are on the West Coast but want to connect to your company’s intranet on the East Coast. You use a program to “tunnel” through the Internet to reach the intranet. Which technology are you using?
(9) A policy that addresses the use of personal mobile devices, such as a smartphone, to access an internal business network is an issue of which IT domain?
(10) After entering your user name and password, you enter a number displayed on a security token to gain access to your company’s network. Which type of authentication method does the security token represent?
(11) In the Workstation Domain, ____________ is the best method of reducing the risk of information leakage.
(12) Authentication and encryption of intranet traffic is a _______ Domain issue.
(13) __________ is the ability to reasonably ensure conformity and adherence to both internal and external policies, standards, procedures, laws, and regulations.
(14) What is included in an IT policy framework?
(15) Incident reporting, incident management, and user ID addition/removal are examples of which of the following?
(16) Which of the following are written instructions on how to comply with standards?
(17) What is something you can measure against to demonstrate value, such as gauging if you’ve reasonably covered risks in your organization?
(18) Which personality type tends to be best suited for delivering security awareness training?
(19) In Kotter’s change model, which step is generally part of informal discussions rather than part of the formal implementation process?
(20) A primary reason why security policies often fail is ___________.
(21) Which of the following is not true of security policy enforcement?
(22) In Kotter’s change model, in which step does the ISO work with line management to collect metrics for assessing the policies’ effectiveness and ensure metrics are meaningful?
(23) Which personality type tends to be associated with good leaders?
(24) The basic elements of motivation include pride, success, and __________.
(25) Disaster recovery and tape backups are examples of which type of security control?
(26) What is the primary role of a security policy evangelist?
(27) Before you begin security policy awareness training, what is the first step you should take to help ensure success?
(28) Which of the following is not a security awareness training best practice?
(29) When publishing an internal security policy or standard, which role or department usually gives final approval?
(30) One of the key factors of a successful implementation of an organization-wide security policy is _______________.
(31) A business _______ emerges when an organization cannot meet its obligation or duty.
(32) Which of the following is a physical control?
(33) What does “tone at the top” refer to?
(34) Which of the following is not a typical method of protecting intellectual property (IP)?
(35) A procedure for cleaning a virus from a system is an example of which type of security control?
(36) An organization’s security awareness program is an example of which type of security control?
(37) Which of the following is a key measurement of an organization’s risk appetite?
(38) The core requirement of an automated IT security control library is that the informati
