Course Hero Logo
Answered step-by-step

Question 1 Many organizations have a(n) __________, whi ch is...

Question 1

  1. Many organizations have a(n) __________, which is composed of end user devices (including tablets, laptops, and smartphones) on a shared network and that use distributed system software

central server

distributed infrastructure

agentless central management tool

control environment


Question 2

  1. A(n) __________ is a general term used in technology to describe a future state in which

specific goals and objectives have been achieved.

threat vector


target state

communications plan


Question 3

  1. A(n) __________ is a device that has the ability and permission to reach out and connect to distributed devices to push changes to the devices.

malware tool

asset management tool

agentless central management tool

change management tool


Question 4

  1. Which of the following scenarios illustrates an ideal time to implement security policies to gain the maximum level of organizational commitment?

The policies should be implemented following a new product launch.

The policies should be implemented at the same time new customer service policies are introduced.

The policies should be implemented to coincide with audit findings in order to minimize security risks.

The policies should be implemented at the same time of a new product launch.


Question 5

  1. Which of the following is not one of the consequences of an unmotivated employee?

Is prone to bad decision-making

Is a target for social engineering pretexts

Fails to report a control weakness

Lacks self-interest


Question 6

  1. A policy is a means of implementing a control, such as a way to prevent or detect a specific type of security breach




Question 7

  1. Organizations should build a governance policy committee to monitor policy adoption and effectiveness.




Question 8

  1. __________ are more likely to monitor security policy activity after the fact and in the aggregate to assess whether goals are being achieved, whereas __________ are likely to monitor activities before, during, and after as part of running the operations.

Governance committees, management committees

Management committees, government committees

Governance committees, project committees

Project committees, management committees


Question 9

  1. Which of the following is instituted by executive management, is responsible for enforcing policies by reviewing technology activity, and greenlights new projects and activities? This committee is the basis of the other committees.

Project committee

Vendor governance committee

Gateway committee

Operational risk committee


Question 10

  1. One of the many roles of the security compliance committee is to focus on controls that are widely used across a significant population of applications, systems, and operations. These types of controls are known as __________ controls.






Question 11

  1. What is the main difference between a law and a regulation?

Security policies try to comply with regulatory requirements.

Regulation requirements build procedures for determining legal thresholds.

Regulations have authority that derives from the original law.

Laws institute legal thresholds.


Question 12

  1. Which of the following is a network security device that acts as a decoy for hackers?


Demilitarized zone (DMZ)

Threat vector

Automation device


Question 13

  1. Whereas a governance committee deals with the details for maintaining daily business operations, a management committee establishes strategic direction




Question 14

  1. Gateway committees are named as such because they are the gateways for

new technology projects entering an organization.




Question 15

  1. Companies seek to monitor employee email usage to safeguard against malware, viruses, sensitive information, and data leakage protection (DLP).




Question 16

  1. The __________ window is the gap between when a new vulnerability is discovered and when software developers write a patch






Question 17

  1. Microsoft offers automated tools that can be used to verify compliance. Once such tool is __________, which queries systems for vulnerabilities, deploys updates, and deploys operating system images to clients.

System Center Configuration Manager (SCCM)

Systems Management Server (SMS)




Question 18

  1. A security baseline is deployed in your organization. You discover that one system is regularly being reconfigured. The security tool fixes it, and then the next scan shows it has changed again. You want to know who or what is making this change. Which is the best first step to resolve the issue?

Redeploy the original security baseline.

Enable auditing and then view the audit trail.

Reinstall the system.

Perform a random audit for compliance.


Question 19

  1. There are several different best practices for IT security policy monitoring. One such practice is to build a baseline based on a security policy, which entails:

using a security policy document as a road map.

using images whenever possible to deploy new operating systems.

routinely tracking rule and regulatory changes.

regularly auditing systems after the baseline has been deployed.


Question 20

  1. A configuration management database (CMDB) holds the configuration information for systems throughout a system's life cycle.



Answer & Explanation
Verified Solved by verified expert
Rated Helpful
<p>ongue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac ma</p> Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet

Unlock full access to Course Hero

Explore over 16 million step-by-step answers from our library

Subscribe to view answer
  • quat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dic
  • ec aliquet. Lorem ipsum dolor sit amet, con
  • nec
  • nec
  • ce dui lectus, congue vel laoreet ac, dic
  • molestie consequ
  • ur laore
Step-by-step explanation

, consec


  • entesque dapibusor nec facilisis. Pellentesque dapibus efficitur laoreet. Na
  • fficitur laoreet.molestie
  • rem ipsum dolor siamet
  • at, ultrices ac masus
  • ipsum dolor sit amsus
  • rem ipsum dolor sia. Fusce dui lect
  • consectetur adipisat, ultrices ac magna. Fusce dui lectus, c
  • molestie consequats a molestie consequat, ultrices ac magna. Fu
  • lestie consequat,m ipsum dolor sit amet, consectetur adipiscing elit. Nam lacini
  • molestie consequatamet

Student reviews
100% (3 ratings)
Easy to follow