process of examining a computer product

TRUE/FALSE QUESTIONS:

1.      Assurance is the process of examining a computer product or system with respect to certain criteria.

2.      Problems with providing strong computer security involve only the design phase.

3.      IT security management has evolved considerably over the last few decades due to the rise in risks to networked systems.

4.      To ensure that a suitable level of security is maintained, management must follow up the implementation with an evaluation of the effectiveness of the security controls.

MULTIPLE CHOICES QUESTIONS

5.      __________ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.

A.  Availability                             C.  System Integrity

B.  Privacy                                    D.  Data Integrity

Answer

6.      Security classes are referred to as __________.

 

A.     security clearances                                  B.  security classifications

 

C.      security levels                                          D.  security properties

Answer

7.      __________ ensures that critical assets are sufficiently protected in a cost-effective manner.

A.  IT control                    B.  IT security management

C.  IT discipline                 D.  IT risk implementations

Answer

8.      The intent of the ________ is to provide a clear overview of how an organization’s IT infrastructure supports its overall business objectives.

 

A.    risk register                                                           B. corporate security policy

c.       vulnerability source                                              D. threat assessment

Answer

9.      Which of the following supports the Defense-in-depth strategy?

A.    Abstraction                                               B. Data Hiding

C     Layering                                                  D. Encryption

Answer

10.  The objective of the ________ control category is to avoid breaches of any law, statutory, regulatory, or contractual obligations, and of any security requirements.

A.    Access

B.     Asset management

C.     Compliance

D.    Business continuity management

Answer

11.  Which of the following is not a security architecture framework?

A.    Sherwood Applied  Business Security Architecture (SABSA)

B.     NIST Special publication 800-53

C.     ISO 27001 & 27002

D.    Open Web Application Security Project (OWASP)

Answer

12.  Which security management is considered complimentary to ISO/27001 & 20072

A.    SABA

B.     COBIT

C.     NIST Special publication 800-53

D.    OWASP

Answer

13.  The objective of the ________ control category is to counteract interruptions to business activities and to protect critical business processes from the effects of major failures of information systems or disasters and to ensure their timely resumption.

A.    asset management

B.     business continuity management

C.     information security incident management

D.    physical and environmental security

Answer

FILL-IN THE BLANK QUESTIONS

.  14. A loss of _________ is the disruption of access to or use of information or an information system.

Answer

15.  A subject is said to have a security _________ of a given level.

Answer

16.  ISO details a model process for managing information security that comprises the following steps:  plan, do, ________, and act.

Answer

17.  A _________ on an organization’s IT systems identifies areas needing treatment.

Answer: Risk Assessment

Answer Table

True/False

Answer

1

 

2

 

3

 

4

 

Multiple Choices

 

5

 

6

 

7

 

8

 

9

 

10

 

11

 

12

 

13

 

Short Answer

 

14

 

15

 

16

 

17

 

 

 

SHORT ANSWER QUESTIONS

18.  Consider a desktop publishing system used to produce documents for various organizations. Give an example in which system availability is the most impotent requirement. Please be very brief.

Answer:

19.  The necessity of the “no read up” rule for a multilevel security is fairly obvious. What is the importance of the “no write down” rule?

 Answer

20.  List and briefly define the five alternatives for treating identified risks.

Answer:

 

 

 

 

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more