Author: Anonymous

True or False? You cannot design effective security controls without good security policies.

True or False? Payment Card Industry Data Security Standard (PCI DSS) requires an organization to have PCI DSS security policies and controls in place and validated.

Which of the following best describes inventory management?

In order to gain a deeper understanding of how employees interact in the workplace, it is useful to learn about the eight classic personality types that have been identified by HR Magazine. One of these is the Analyticals. Which of the following descriptions best captures this personality type?

True or False? Discovery management systems extract logs from a device and typically move logs to a central repository.

In order to be compliant with Payment Card Industry Data Security Standard (PCI DSS), one of the control objectives that should be included in one’s security policies and controls is maintaining a vulnerability management program. This control objective:

True or False? A number of U.S. laws are designed to provide confidence in the financial markets.

True or False? It is generally recommended that security policies focus on specific products rather than broader capabilities.

The concept of __________ comes from the acknowledgment that data changes form and often gets copied, moved, and stored in many places. Sensitive data often leaves the protection of application databases and ends up in emails, spreadsheets, and personal workstation files.

The Family Educational Rights and Privacy Act (FERPA) requires several key elements in a security policy for compliance. Which of the following is a key element that states that schools can share information without permission for legitimate education evaluation reasons as well as for health and safety reasons?