94%(148)139 out of 148 people found this document helpful
This preview shows page 13 - 16 out of 36 pages.
Question 38 FREE QUESTION: MARK TRUETrue False 0.6 points Question 39 One of the most significant human mistakes that can lead to a security threat is carelessness, which is often brought about when an employee is not well-trained to see information security as worthy of protection.
7.1 points Question 40 Among the ways that one’s privilege status can be raised for the sake of solving a security access problem is to provide a trouble ticket, which issues non-permanent, enhanced access to previously unprivileged users.7.1 points Question 41 Vendors are users who need to be able to access particular application functions. Such access is issuedbased on the type of user rather than the individual. Guests and general public users, however, need to review and evaluate controls, and this access contains unlimited read access to logs and configuration settings.7.1 points Question 42 Employees who occupy a vendor status directly reportto that vendor company, and that company will often manage their access. Thus, processes must be instituted to guarantee that the vendor company is managing its employees effectively. The situations that demand a vendor to give notification to the company that’s engaged the vendor are as follows: 1) when people are hired or fired; 2) when people switchroles; 3) when systems are enhanced or separated from the organization’s network; and 4) when security configuration adjustments are made to the communications between the vendor and the organization.
True False 7.1 points Question 43 Consider this scenario: A company that buys a sizeable amount of equipment for its manufacturing process needs to accurately report such expenditures, so it calls upon the services of financial auditors. While financial auditors might consider how robust the data might be, the company might also involve IT auditors to examine the technology in placeto gather the data itself. What process is this company using to address its concerns?7.1 points Question 44 One of the processes for establishing business requirements and raising the level of privileges is to grant elevated rights on a temporary basis. This process is called _________________.7.1 points