Author: Anonymous

Regarding the Target breach in 2013, significant weaknesses in the information security framework and its related controls were present. Which of the following likely did not play a role in the Target breach?

True or False? The dollars spent for security measures to control or contain losses should never be less than the estimated dollar loss if something goes wrong.

Which of the following provides temporary elevated access to unprivileged users?

An acceptable use policy (AUP) defines the intended uses of computers and networks. This policy delimits unacceptable uses and the consequences for policy violation. Which of the following is not likely to be found in an AUP?

It is recommended that systems administrators analyze logs to determine if the logs have been altered because monitoring can deter risk. To serve this goal, a __________ can be used to assemble logs from platforms throughout a network.

Aside from human user types, there are nonhuman user groups. Known as account types, __________ are implemented by the system to support automated services, and __________ are accounts that remain nonhuman until individuals are assigned access and can use them to recover a system following a major outage.

A best practice for User Domain policies is to employ __________ as the preferred means of mitigating threats.

True or False? The chief information security officer (CISO) is responsible for the development of the framework for IT security policies, standards, and guidelines.

True or False? Insiders breaching security can affect an organization’s reputation and viability.

When is the best time to implement security policies to help developers diminish the number of vulnerabilities in an application?