LAB 1 ASSESSMENT QUESTIONS
1. What section of the SOX compliance law requires proper controls and, hence, security
controls, to ensure the confidentiality and integrity of financial information and record keeping
within an IT infrastr
UNIT 9 ASSIGNMENT 1
The System/Application Domain is the engine for your organization's distributed
applications. Although other domains are crucial to supporting your organization, the
System/Application Domain houses most of your or
UNIT 8 ASSIGNMENT 1
The Remote Access Domain opens applications and resources to remote users.
Doing so has the potential for exposing your internal environment to more threats.
Because this domain commonly connects remote users to y
UNIT 6 ASSIGNMENT 1
Taken together, policies, procedures, and guidelines provide the instructions and limits
that enable your users to comply with your security policy when using components of the
Workstation Domain. Even though you
UNIT 7 ASSIGNMENT 1
Best practices for a local area network to a wide area network, a WAN spans a large
physical distance while the LAN is a local area, for example a building. The Internet is one of the
largest and a WAN network need
UNIT 5 ASSIGNMENT 1
Since user actions result in retrieving information, it is necessary to control and monitor
user actions to maintain a secure system. The system must uniquely identify the user and allow access only
to information for which
UNIT 4 ASSIGNMENT 1
The difference between IT security controls and countermeasure gap analysis is that gap analysis
is comparing the as-is to the to-be. This is different for security controls, because it involves
comparing the stat
UNIT 3 ASSIGNMENT 1
For any organization, in this case the Defense Spectrum Organization (DSO), there are many
security control points that it should look at as necessary areas for precaution and care:
inventory of authorized and unaut
UNIT 1 ASSIGNMENT 1
Description of Compliance
Used to fight health insurance fraud. Known for rules to protect the privacy and security of personal health
To protect shareholders and
UNIT 2 ASSIGNMENT 1
The task is to identify three frameworks that could be used for the Defense Spectrum
Organization for establishing long term strategies for security. A framework is a set of rules and
ideas that provide structure
UNIT 9 LAB 9
1. What are some common risks and vulnerabilities commonly found in the
System/Application Domain that must be mitigated with proper security countermeasures?
Unauthorized access to data centers, computer rooms and wiri
UNIT 8 LAB 8
1. What are some common risks, threats, vulnerabilities commonly found in the Remote Access Domain
that must be mitigated through a layered security strategy?
a. The most common risks, threats and vulnerabilities found i
UNIT 7 LAB 7
1. What are some common risks, threats, and vulnerabilities commonly found in the LAN-to-WAN Domain that must be mitigated through a layered security strategy?
a. Some of the common risks, threats, and vulnerabilities fo
LAB 6 ASSESSMENT QUESTIONS
1. What are some common risks, threats, and vulnerabilities commonly found in the Workstation
Domain that must be mitigated through a layered security strategy?
Workstations can hold valuable information or
LAB 3 ASSESSMENT QUESTIONS
1. What are the four parts of the administrative simplification requirements of HIPAA?
Electronic transactions and code sets standards requirements
LAB 5 ASSESSMENT QUESTIONS
1. GLBA repealed parts of an act. Name the act and explain why it was significant for financial
institutions and insurance companies.
Parts of the Glass-Steagall Act of 1933. GLBA allows financial institutio
LAB 4 ASSESSMENT QUESTIONS
1. What is a PHP Remote File Include (RFI) attack, and why are these prevalent in today's
RFI stands for Remote File Inclusion that allows the attacker to upload a custom
LAB 2 ASSESSMENT QUESTIONS
1. What is the difference between DITSCAP and DIACAP?
DITSCAP provided guidance on roles, activities and documents for performing C&A, but
it did not clearly identify what requirements to use.