Essay on IS3230 Final Exam Answers II

942 WordsDec 13, 20144 Pages
1. Which of the following is not a subject in an access control scenario? b. Information 2. Which of the following are the elements of a well-defined access control system? d. Policy, procedure, and tool 3. Which of the following statements best define the purpose of access control? a. Regulating interaction between a subject and an object 4. Which of the following components can be used to measure the confidence in any authentication system? d. Type of correlation and the number of authentication factors 5. Which of the following holds true while hardening an organizational network through security controls? b. 100 percent access control threats cannot be eliminated. 6. Which of the following should be considered while implementing a…show more content…
d. Operational efficiency 16. Which of the following is a key requirement of HIPAA for health organizations? b. Encryption of private health information on public networks 17. In which of the following forms may FERPA data appear? a. 3, 2, 1, 4 18. What does an IT security policy framework consist of? d. Policies, guidelines, standards, and procedures 19. Which of the following is a purely damaging attack, meant to render a system unusable? c. DoS attacks 20. What do Federal and State laws concerning unauthorized access serve as? b. Deterrents to data theft 21. Which of the following holds true for DMCA? b. Disallows unauthorized disclosure of data by circumventing an organization’s technology 22. Which of the following features should not be there in an access control system? c. Allow customers to amend and update the account of their family members 23. To which of the following do the aspects of compartmentalization and dual conditions belong to? b. Separation of responsibilities 24. Which of the following defines how employees may use IT infrastructure supplied by an organization? b. AUP 25. Which of the following is not a typical social engineering strategy? d. Communication 26. Separation of duties, periodic vacation, and job rotation are the ways to reduce human risk factors within an organizational structure. a. True 27. Which of the following manages ACLs in a MS Windows environment? d. Active Directory 28. Which of the following is

    More about Essay on IS3230 Final Exam Answers II

      Open Document