Which of the following concepts represent the three fundamental principles of information security? Each correct answer represents a complete solution. Choose three.
Fill in the blank with an appropriate word. _________ are used in information security to formalize security policies.
Eric is the project manager of the NQQ Project and has hired the ZAS Corporation to complete part of the project work for Eric's organization. Due to a change request the ZAS Corporation is no longer needed on the project even though they have completed nearly all of the project work. Is Eric's organization liable to pay the ZAS Corporation for the work they have completed so far on the project?
Which of the following SDLC phases consists of the given security controls? Misuse Case Modeling; Security Design and Architecture Review; Threat and Risk Modeling; Security Requirements and Test Cases Generation.
Which of the following enables an inventor to legally enforce his right to exclude others from using his invention?
Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?
You are the project manager of the HJK Project for your organization. You and the project team have created risk responses for many of the risk events in the project. Where should you document the proposed responses and the current status of all identified risks?
Mark works as a security manager for SofTech Inc. He is working in a partially equipped office space which contains some of the system hardware, software, telecommunications, and power sources. In which of the following types of office sites is he working?
Which of the following are the goals of risk management? Each correct answer represents a complete solution. Choose three.
Which of the following backup sites takes the longest recovery time?
Which of the following BCP teams is the first responder and deals with the immediate effects of the disaster?
Which of the following roles is responsible for review and risk analysis of all contracts on a regular basis?
Management has asked you to perform a risk audit and report back on the results. Bonny, a project team member, asks you what a risk audit is. What do you tell Bonny?
Which of the following are the responsibilities of a custodian with regard to data in an information classification program? Each correct answer represents a complete solution. Choose three.
You are the program manager for your project. You are working with the project managers regarding the procurement processes for their projects. You have ruled out one particular contract type because it is considered too risky for the program. Which one of the following contract types is usually considered to be the most dangerous for the buyer?
Which of the following is the correct order of digital investigations Standard Operating Procedure (SOP)?
Software Development Life Cycle (SDLC) is a logical process used by programmers to develop software. Which of the following SDLC phases meets the audit objectives defined below: System and data are validated. System meets all user requirements. System meets all control requirements.
Which of the following relies on a physical characteristic of the user to verify his identity?
Configuration Management (CM) is an Information Technology Infrastructure Library (ITIL) IT Service Management (ITSM) process. Configuration Management is used for which of the following? 1. To account for all IT assets 2. To provide precise information support to other ITIL disciplines 3. To provide a solid base only for Incident and Problem Management 4. To verify configuration records and correct any exceptions
Which of the following processes is a structured approach to transitioning individuals, teams, and organizations from a current state to a desired future state?
Which of the following are the process steps of OPSEC? Each correct answer represents a part of the solution. Choose all that apply.
Which of the following statements reflect the 'Code of Ethics Canons' in the '(ISC)2 Code of Ethics'? Each correct answer represents a complete solution. Choose all that apply.
Rick is the project manager for the TTM project. He is in the process of procuring services from vendors. He makes a contract with a vendor in which he precisely specifies the services to be procured, and any changes to the procurement specification will increase the costs to the buyer. Which type of contract is this?
Which of the following involves changing data prior to or during input to a computer in an effort to commit fraud?
Which of the following Acts enacted in the United States allows the FBI to issue National Security Letters (NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?
Which of the following terms describes a repudiation of a contract that occurs before the time when performance is due?
Which of the following security models focuses on data confidentiality and controlled access to classified information?
What are the steps related to the vulnerability management program? Each correct answer represents a complete solution. Choose all that apply.
Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?
Which of the following plans is designed to protect critical business processes from natural or man-made failures or disasters and the resultant loss of capital due to the unavailability of normal business processes?
Your company suspects an employee of sending unauthorized emails to competitors. These emails are alleged to contain confidential company data. Which of the following is the most important step for you to take in preserving the chain of custody?
Which of the following authentication protocols provides support for a wide range of authentication methods, such as smart cards and certificates?