Henry recently assisted one of his co-workers in preparing for the CISSP exam. During this process, Henry disclosed confidential information about the content of the exam, in violation of Canon IV of the Code of Ethics: “Advance and protect the profession.” Who may bring ethics charges against Henry for this violation?

Any certified or licensed professional may bring charges.

Only Henry’s employer may bring charges.

Only the affected employee may bring charges.

Chris is advising travelers from his organization who will be visiting many different countries overseas. He is concerned about compliance with export control laws. Which of the follow- ing technologies is most likely to trigger these regulations?

Office productivity applications

You are completing your business continuity planning effort and have decided that you want to accept one of the risks. What should you do next?

Document your decision-making process.

Implement new security controls to reduce the risk level.

Design a disaster recovery plan.

Repeat the business impact assessment.

Tony is developing a business continuity plan and is having difficulty prioritizing resources because of the difficulty of combining information about tangible and intangible assets. What would be the most effective risk assessment approach for him to use?

Combination of quantitative and qualitative risk assessment

Neither quantitative nor qualitative risk assessment

Brenda’s organization recently completed the acquisition of a competitor firm. Which one of the following tasks would be LEAST likely to be part of the organizational processes addressed during the acquisition?

Protection of intellectual property

Consolidation of security functions

Documentation of security policies

When developing a business impact analysis, the team should first create a list of assets. What should happen next?

Develop a value for each asset.

Identify vulnerabilities in each asset.

Determine the risks facing the asset.

Identify threats facing each asset.

Which one of the following organizations would not be automatically subject to the privacy and security requirements of HIPAA if they engage in electronic transactions?

Health and fitness application developer

Health information clearinghouse

Which one of the following individuals would be the most effective organizational owner for an information security program?

Chief information officer (CIO)

What important function do senior managers normally fill on a business continuity planning team?

Arbitrating disputes about criticality

Evaluating the legal environment

Which one of the following issues is not normally addressed in a service-level agreement (SLA)?

Confidentiality of customer information

D1 part1

Authored by Di Thoi7

Computers

Professional Development

Used 5+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

50 questions

Show all answers

MULTIPLE CHOICE QUESTION

1 min • 5 pts

Alyssa is responsible for her organization’s security awareness program. She is concerned that changes in technology may make the content outdated. What control can she put in place to protect against this risk?

Gamification

Computer-based training

Content reviews

Live training

MULTIPLE CHOICE QUESTION

1 min • 5 pts

Gavin is creating a report to management on the results of his most recent risk assessment. In his report, he would like to identify the remaining level of risk to the organization after adopting security controls. What term best describes this current level of risk?

Inherent risk

Residual risk

Control risk

Mitigated risk

MULTIPLE CHOICE QUESTION

1 min • 5 pts

Francine is a security specialist for an online service provider in the United States. She recently received a claim from a copyright holder that a user is storing information on her service that violates the third party’s copyright. What law governs the actions that Francine must take?

Lanham Act

Digital Millennium Copyright Act

Gramm Leach Bliley Act

MULTIPLE CHOICE QUESTION

1 min • 5 pts

FlyAway Travel has offices in both the European Union (EU) and the United States and transfers personal information between those offices regularly. They have recently received a request from an EU customer requesting that their account be terminated. Under the General Data Protection Regulation (GDPR), which requirement for processing personal information states that individuals may request that their data no longer be disseminated or processed?

The right to access

Privacy by design

The right to be forgotten

The right of data portability

MULTIPLE CHOICE QUESTION

1 min • 5 pts

After conducting a qualitative risk assessment of her organization, Sally recommends purchasing cybersecurity breach insurance. What type of risk response behavior is she recommending?

Transfer

Reduce

Reject

MULTIPLE CHOICE QUESTION

1 min • 5 pts

Which one of the following elements of information is not considered personally identifiable information that would trigger most United States (U.S.) state data breach laws?

Student identification number

Social Security number

Driver’s license number

Credit card number

MULTIPLE CHOICE QUESTION

1 min • 5 pts

Renee is speaking to her board of directors about their responsibilities to review cyberse- curity controls. What rule requires that senior executives take personal responsibility for information security matters?

Due diligence rule

Personal liability rule

Prudent man rule

Due process rule

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

50 questions

RUTS Technology

Quiz

•

9th Grade - Professio...

46 questions

A+ 1101 Study Quiz 1

Quiz

•

Professional Development

50 questions

DGI- QUIZ

Quiz

•

Professional Development

50 questions

M1 R5 ( Chapter 4)

Quiz

•

Professional Development

50 questions

Programación y robótica educativa (OpcMul)

Quiz

•

Professional Development

50 questions

Quizz Compition(Social Media,cyber Crime,Ms Word,Cyber Security)

Quiz

•

Professional Development

50 questions

Genel Kültür

Quiz

•

University - Professi...

52 questions

Redes - Desafio Final

Quiz

•

Professional Development

Popular Resources on Wayground

8 questions

Spartan Way - Classroom Responsible

Quiz

•

9th - 12th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

3 questions

Integrity and Your Health

Lesson

•

6th - 8th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

9 questions

FOREST Perception

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

Discover more resources for Computers

15 questions

LOTE_SPN2 5WEEK3 Day 2 Itinerary

Quiz

•

Professional Development

6 questions

Copy of G5_U6_L5_22-23

Lesson

•

KG - Professional Dev...

10 questions

March Quiz

Quiz

•

Professional Development

5 questions

Copy of G5_U6_L8_22-23

Lesson

•

KG - Professional Dev...

10 questions

suffixes FUL OR LESS

Quiz

•

Professional Development

D1 part1

Alyssa is responsible for her organization’s security awareness program. She is concerned that changes in technology may make the content outdated. What control can she put in place to protect against this risk?

Gavin is creating a report to management on the results of his most recent risk assessment. In his report, he would like to identify the remaining level of risk to the organization after adopting security controls. What term best describes this current level of risk?

Francine is a security specialist for an online service provider in the United States. She recently received a claim from a copyright holder that a user is storing information on her service that violates the third party’s copyright. What law governs the actions that Francine must take?

After conducting a qualitative risk assessment of her organization, Sally recommends purchasing cybersecurity breach insurance. What type of risk response behavior is she recommending?

Which one of the following elements of information is not considered personally identifiable information that would trigger most United States (U.S.) state data breach laws?

Renee is speaking to her board of directors about their responsibilities to review cyberse- curity controls. What rule requires that senior executives take personal responsibility for information security matters?

Wanda is working with one of her organization’s European Union business partners to facil- itate the exchange of customer information. Wanda’s organization is located in the United States. What would be the best method for Wanda to use to ensure GDPR compliance?

Yolanda is the chief privacy officer for a financial institution and is researching privacy requirements related to customer checking accounts. Which one of the following laws is most likely to apply to this situation?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers