96%(167)160 out of 167 people found this document helpful
This preview shows page 7 - 10 out of 15 pages.
In order to assess policy compliance, many organizations will use a report card. The evaluation tools are comprised of criteria based on an organization’s requirements. Which of the following is not one the elements that would be included on a report card?Selected Answer:number of random audits performed
Correct Answer:number of random audits performedQuestion 240 out of 2 pointsOne of the six specifications for entities that implement SCAP is to provideparticular names for operation systems, applications, and hardware. This specification articulates a standard naming convention for systems to promote consistency across varied products. Which of the following specifications fits this description?Selected Answer:Open Vulnerability and Assessment Language (OVAL)Correct Answer:Common Platform Enumeration (CPE)Question 252 out of 2 pointsA baseline is a point of departure that guarantees that systems comply with security requirements when they are enacted. However, it is not an uncommon occurrence that systems are changed in a way that means they are no longer in compliance. Thus, it is necessary to use an accepted method to ensure that settings have not been changed. Which of the following is notone of these methods?Selected Answer:patch managementCorrect Answer:patch managementQuestion 262 out of 2 pointsIn order to ensure compliance, organizations deploy both new and current technologies. Which of the following is notone these new technologies?Selected Answer:Common Platform Enumeration (CPE)Correct Answer:Common Platform Enumeration (CPE)Question 272 out of 2 points
One of the methods that an organization can use to determine complianceis to perform _______________.Selected Answer:random auditsCorrect Answer:random auditsQuestion 282 out of 2 pointsConsider this scenario: A sales organization with an onsite IT staff experiences a major outage due to a minor change to a printer. Though systems were working successfully, the printer stopped working when a new server was added to the network. The new server that was added to the network shared the same IP address as the printer. Which of the following statements captures a contributing cause of the problem with the IP compatibility?Selected Answer:The IP address conflict demonstrates that the organization failed to comply with change management policies.Correct Answer:The IP address conflict demonstrates that the organization failed to comply with change management policies.Question 292 out of 2 pointsA security _____________identifies a group of fundamental configurations designed to accomplish particular security objectives.Selected Answer:baselineCorrect Answer:baselineQuestion 302 out of 2 pointsMany organizations have a(n) ________________________, which is comprisedof end user devices (including tablets, laptops, and smartphones) on a shared network and that use distributed system software; this enables these devices to function simultaneously, regardless of location.