In order to assess policy compliance many organizations will use a report card

In order to assess policy compliance many

This preview shows page 7 - 10 out of 15 pages.

In order to assess policy compliance, many organizations will use a report card. The evaluation tools are comprised of criteria based on an organization’s requirements. Which of the following is not one the elements that would be included on a report card? Selected Answer: number of random audits performed
Image of page 7
Correct Answer: number of random audits performed Question 24 0 out of 2 points One of the six specifications for entities that implement SCAP is to provide particular names for operation systems, applications, and hardware. This specification articulates a standard naming convention for systems to promote consistency across varied products. Which of the following specifications fits this description? Selected Answer: Open Vulnerability and Assessment Language (OVAL) Correct Answer: Common Platform Enumeration (CPE) Question 25 2 out of 2 points A baseline is a point of departure that guarantees that systems comply with security requirements when they are enacted. However, it is not an uncommon occurrence that systems are changed in a way that means they are no longer in compliance. Thus, it is necessary to use an accepted method to ensure that settings have not been changed. Which of the following is not one of these methods? Selected Answer: patch management Correct Answer: patch management Question 26 2 out of 2 points In order to ensure compliance, organizations deploy both new and current technologies. Which of the following is not one these new technologies? Selected Answer: Common Platform Enumeration (CPE) Correct Answer: Common Platform Enumeration (CPE) Question 27 2 out of 2 points
Image of page 8
One of the methods that an organization can use to determine compliance is to perform _______________. Selected Answer: random audits Correct Answer: random audits Question 28 2 out of 2 points Consider this scenario: A sales organization with an onsite IT staff experiences a major outage due to a minor change to a printer. Though systems were working successfully, the printer stopped working when a new server was added to the network. The new server that was added to the network shared the same IP address as the printer. Which of the following statements captures a contributing cause of the problem with the IP compatibility? Selected Answer: The IP address conflict demonstrates that the organization failed to comply with change management policies. Correct Answer: The IP address conflict demonstrates that the organization failed to comply with change management policies. Question 29 2 out of 2 points A security _____________identifies a group of fundamental configurations designed to accomplish particular security objectives. Selected Answer: baseli ne Correct Answer: baseli ne Question 30 2 out of 2 points Many organizations have a(n) ________________________, which is comprised of end user devices (including tablets, laptops, and smartphones) on a shared network and that use distributed system software; this enables these devices to function simultaneously, regardless of location.
Image of page 9
Image of page 10

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture