#01 Security Principle

Assessment • Quiz • Computers • Professional Development • Easy

Created by Kim

10 questions

1.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A chief information security officer (CISO) at a large organization documented a policy that establishes the acceptable use of cloud environments for all staff. This is an example of a: (D1, L1.3.1)

  • Management/Administrative control

  • Technical control

  • Physical control

  • Cloud control

Answer explanation

Correct. Policies, standards, processes, procedures and guidelines set by corporate administrative entities (e.g., executive- and/or mid-level management) are management/administrative controls. 

2.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Is it possible to avoid risk? (D1, L1.2.1)

  • Yes

  • No

  • Sometimes

  • Never

Answer explanation

Correct. To avoid an identified risk, stop doing what you have identified as being too risky or dangerous and not acceptable to the organization.

3.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is meant by non-repudiation? (D1, L1.1.1)

  • If a user does something, they can’t later claim that they didn’t do it.

  • Controls to protect the organization’s reputation from harm due to inappropriate social media postings by employees, even if on their private accounts and personal time.

  • It is part of the rules set by administrative controls.

  • It is a security feature that prevents session replay attacks.

Answer explanation

Correct. To repudiate means to attempt to deny after the fact, to lie about one's actions.  

4.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is NOT one of the four typical ways of managing risk? (D1, L1.2.1)

  • Avoid

  • Accept

  • Mitigate

  • Conflate

Answer explanation

Correct. Conflate is not a term used to describe a way to manage risk. 

5.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Siobhan is deciding whether to make a purchase online; the vendor wants Siobhan to create a new user account, and is requesting Siobhan’s full name, home address, credit card number, phone number, email address, the ability to send marketing messages to Siobhan, and permission to share this data with other vendors. Siobhan decides that the item for sale is not worth the value of Siobhan’s personal information, and decides not to make the purchase. What kind of risk management approach did Siobhan take? (D1, L1.2.2)

  • avoidance

  • acceptance

  • mitigation

  • transfer

Answer explanation

Correct. This is an example of avoidance; in order to avoid the risk of unauthorized use of the personal data, Siobhan chose not to engage in the activity. 

6.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Guillermo is the system administrator for a midsized retail organization. Guillermo has been tasked with writing a document that describes, step-by-step, how to securely install the operating system on a new laptop. This document is an example of a ________. (D1, L1.4.1)

  • policy

  • standard

  • procedure

  • guideline

Answer explanation

Correct. A procedure (sometimes referred to as a "process" document) is a description of how to perform an action. It is usually written by the office/person who performs that action on a regular basis. 

7.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Lankesh is the security administrator for a small food-distribution company. A new law is published by the country in which Lankesh’s company operates; the law conflicts with the company’s policies. Which governance element should Lankesh’s company follow? (D1, L1.4.2)

  • the law

  • the policy

  • any procedures the company has created for the particular activities affected by the law

  • Lankesh should be allowed to use personal and professional judgment to make the determination of how to proceed

Answer explanation

Correct. Laws are the explicit authority of the jurisdiction where any organizations operate; laws cannot be violated, regardless of internal company governance. Laws supersede everything else. 
