96%(167)160 out of 167 people found this document helpful
This preview shows page 3 - 6 out of 15 pages.
Correct Answer:An individual might think that threatening to disclose security information will earn the attention and recognition from the organization and thus result in promotion.Question 92 out of 2 pointsConsider this scenario: After many years, an employee is promoted to a position that has an elevated level of trust with his management. He started with the company in an entry-level position, and then moved from a supervisory to a managerial role. This role entails that the employee trains other employees and has a deep understanding of how the department functions. Which of the following actions should be taken in regard to this employee’s levels of access during the span of time he has worked for the company?Selected Answer:This employee should have prior access removed to ensure separation of duties and avoid future instances of security risk.Correct Answer:This employee should have prior access removed to ensure separation of duties and avoid future instances of security risk.Question 10
2 out of 2 pointsWhich of the following user types is responsible for audit coordination and response, physical security and building operations, and disaster recovery and contingency planning?Selected Answer:security personnelCorrect Answer:security personnelQuestion 112 out of 2 pointsWhen is the best time to implement security policies to help developers diminish the number of vulnerabilities during application development?Selected Answer:while the application is being writtenCorrect Answer:while the application is being writtenQuestion 122 out of 2 pointsAside from human user types, there are two other non-human user groups. Known as account types, ________________ are accounts implemented by the system for the purpose of supporting automated service, and ___________________ are accounts that remain non-human untilindividuals are assigned access and can use them to recover a system following a major outage.Selected Answer:system accounts, contingent IDsCorrect Answer:system accounts, contingent IDsQuestion 132 out of 2 pointsWhich of the following is notone of the types of control partners?Selected Answer:software engineersCorrect
Answer:software engineersQuestion 142 out of 2 pointsOne of seven domains of a typical IT infrastructure is the user domain. Within that domain is a range of user types, and each type has specific and distinct access needs. Which of the following types of users has the responsibility of creating and putting into place a security program within an organization?Selected Answer:security personnelCorrect Answer:security personnelQuestion 150 out of 2 pointsWhich of the following statements illustrates the importance of the LAN-to-WAN domain to an organization’s security?