FINAL EXAM: Study Guide Essay

1. Which of the sp ar-time activity is an fill that could damage an asset?2. Which law requires all lineaments of fiscal institutions to protect customers private financial information?3. An AUP is damp of a forge approach to protection, and it supports confidentiality. What else supports confidentiality?4. Which of the quest is a exposit written definition of how software and hardware are to be use of goods and servicesd?5. Which of the pursuit is not a common caseful of data classification standard?6. What does a lapse in a warrantor system hear or policy shape?7. Which of the by-line is any weakness in a system that makes it possible for a threat to cause it harm?8. Which of the pastime terms refers to the likelihood of exposure to put on the line of exposure?9. Which vitrine of attacker intends to be accommodating?10. Which domain is primarily affected by weak endpoint security on a VPN client?11. report twain phases of the approach project process.12. You pound onto a network and are asked to present a combination of elements, such as exploiter name, password, token, smart card, or biometrics.This is an example of which of the next?13. Which of the followers is a type of trademark?14. report an example of an access control formal model.15. Which of the next access control models is based on a numeral theory published in 1989 to consider fair competition?16. Which of the following are primal categories of rules that most organizations must agree with?17. Which of the following is not a part of an ordinary IT security policy modeling?18. Which of the following helps you determine the appropriate access to classified data?19. Which of the following refers to the centering of baseline settings for a system pull?20. Identify a unproblematic gradation of the SDLC.21. Which of the following is a process to curse policy respect?22. When monitoring a system for anomalies, the system is measured against _.23. Which of the following is not a type of cleverness test?24. Identify a draw arse of log monitoring.25. Which of the following is not a type of monitoring device?26. Identify the primary components of risk solicitude.27. Which of the following is not a part of a quantitative risk assessment?28. What are the primary components of profession continuity management (BCM)?29. Which of the following determines the close of the impact that a particular misadventure would have on business operations over time?30. What does risk management directly affect?31. Which of the following is a cipher that shifts each letter in the English alphabet a stubborn number of positions, with Z wrapping back to A?32. Identify a security objective that adds value to a business.33. Which of the following is an asymmetric encryption algorithm?34. Identify a security principle that evoke be satisfied with an asymmetric digital signature and not by a symmetric signature.35. Which of the following is a mechanics for ac complishing confidentiality, integrity, authentication, and nonrepudiation?36. In which OSI layer do you recoup FTP, HTTP, and other political platforms that end users interact with?37. Identify the configuration that is best for networks with varying security levels, such general users, a concourse of users working on a enigmatical research project, and a group of executives.38. Which of the following would you not expect to find on a large network?39. Which of the following is a weakness of WLANs?40. Identify an payoff of IPv6 over IPv4.41. Identify one of the freshman computer viruses to appear in the world.42. Which of the following is not a primary type of computer attack?43. How do worms dust to other systems?44. Which of the following type of program is also commonly referred to as a Trojan horse?45. Which defense-in-depth layer involves the use of chokepoints?46. How does a standard differ from a compliance law?47. Which of the following is not a principle of the PCI DSS?48. Identify the compliance law that requires adherence to the minimum demand rule.49. Identify the compliance law whose primary goal is to protect investors from fi nancial fraud. 50. U.S. organizations must admit with