Information Security

101. An organization's IT manager is establishing a business relationship with an off-site media storage company, for storage of backup media. The storage company has a location 5 miles away from the organization's data center, and another location that is 70 miles away. Why should one location be preferred over the other?

  1. It makes no difference which facility is chosen
  2. The closer location should be chosen, to facilitate periodic on-site inspections
  3. The closer location should be chosen, to facilitate faster recovery
  4. The farther location should be chosen, because it will not be affected by a regional disaster

Correct answer: (D)
The farther location should be chosen, because it will not be affected by a regional disaster

102. An organization's IT manager wants to discontinue the business relationship with an off-site media storage company, and instead store the organization's backup tapes at his residence, which is closer to the organization's data center. Should this plan be considered, and why:

  1. This should not be considered because the media will have fewer physical safeguards
  2. This should be considered because it will save money
  3. This should be considered because it is closer to the organization's data center
  4. This should not be chosen because it is too close to the organization's data center

Correct answer: (A)
This should not be considered because the media will have fewer physical safeguards

103. An organization's security incident management strategy consists of response procedures to be used when an incident occurs. What other measures should the organization undertake:

  1. None
  2. Develop proactive procedures to aid in incident prevention
  3. Train selected personnel on incident response procedures
  4. Partner with law enforcement on incident response procedures

Correct answer: (B)
Develop proactive procedures to aid in incident prevention

104. Annualized loss expectancy is calculated using which formula:

  1. ALE = ARO x SLE
  2. ALE = EF x SLE
  3. ALE = ARO x AV
  4. ALE = ARO / SLE

Correct answer: (A)
ALE = ARO x SLE

105. Annualized loss expectancy is defined as:

  1. The annual estimate of loss of all assets based on all threats
  2. The annual estimate of loss of an asset based on a single threat
  3. The annual estimate of loss of an asset based on all threats
  4. The annual estimate of loss of all assets based on a single threat

Correct answer: (B)
The annual estimate of loss of an asset based on a single threat

106. At the beginning of a disaster recovery planning project, the project team will be compiling a list of all of the organization's most important business processes. This phase of the project is known as:

  1. Business Impact Analysis
  2. Risk Analysis
  3. Business Process Analysis
  4. Determination of maximum tolerable downtime (MTD)

Correct answer: (A)
Business Impact Analysis

107. Authentication, encryption, and ACLs are examples of:

  1. Defense in depth
  2. Detective controls
  3. Administrative controls
  4. Technical controls

Correct answer: (D)
Technical controls

108. Benefits from disaster recovery and business continuity planning include all of the following EXCEPT:

  1. Improved system resilience
  2. Process improvements
  3. Improved market advantage
  4. Improved performance

Correct answer: (D)
Improved performance

109. Blackouts, brownouts, surges, and noise can all be remedied with:

  1. Line conditioner
  2. Power Distribution Unit (PDU)
  3. Dual power supplies
  4. UPS and electric generator

Correct answer: (D)
UPS and electric generator

110. Buffer overflow, SQL injection, and stack smashing are examples of:

  1. Vulnerabilities
  2. Exploits
  3. Input attacks
  4. Injection attacks

Correct answer: (C)
Input attacks
