158 whats the potential security benefit of rotation

Info iconThis preview shows pages 2–5. Sign up to view the full content.

View Full Document Right Arrow Icon
158 What's the potential security benefit of rotation of duties?
Background image of page 2

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
A. It reduces the risk that personnel will perform unauthorized activities. B. It ensures that all personnel are familiar with all security tasks. C. It's used to detect covert activities. D. It ensures security because personnel aren't too familiar with their duties. Answer: A See Chapter 10. Rotation of duties is used to keep mixing up the teams in order to prevent situations in which individuals are tempted to perform unauthorized acts. 159 The process of reviewing and approving changes in production systems is known as A. Availability management B. Configuration management C. Change management D. Resource control Answer: C See Chapter 10. Change management is the complete management function that controls changes made to a production environment. 160 The process of maintaining and documenting software versions and settings is known as A. Availability management B. Configuration management C. Change management D. Resource control Answer: B See Chapter 10. Configuration management is the support function that’s used to store version information about its systems. 161 Configuration management is used to A. Document the approval process for configuration changes. B. Control the approval process for configuration changes. C. Ensure that changes made to an information system don’t compromise its security. D. Preserve a complete history of the changes to software or data in a system. Answer: D
Background image of page 3
prior settings or versions of software or hardware, as well as to provide a check-out/check-in capability to avoid collisions @@md where two or more developers would be working on the same section of code at the same time, which would result in one developer’s changes overwriting the other’s. 162 The traces of original data remaining after media erasure are known as A. Data remanence B. Data traces C. Leakage D. Data particles Answer: A See Chapter 10. Erasure is seldom 100-percent effective. Despite complex and time-consuming methods, the slightest traces of data on media that’s been erased may always remain. 163 Software controls are used to A. Perform input checking to ensure that no buffer overflows occur. B. Prevent running programs from viewing or changing other programs’ memory. C. Perform configuration management-like functions on software. D. Ensure the confidentiality and integrity of software. Answer: D See Chapter 10. Software controls are used to protect software from unauthorized disclosure or tampering. 164 Someone who's performing penetration testing is A. Stress-testing access controls B. Looking for vulnerabilities in computer hardware or software C. Looking for unauthorized modems and wireless network base stations D. Attempting to decrypt encrypted data Answer: B See Chapter 10. Penetration testing is used to mimic an intruder’s activities by identifying potential weaknesses in hardware or software. 165
Background image of page 4

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

Page2 / 13

158 Whats the potential security benefit of rotation of...

This preview shows document pages 2 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online