Blog

True or False? For the sake of protection during a lawsuit, it is advised that an organization create a retention policy that delineates how data is regularly classified, deleted, and retained.

True or False? The risk and control self-assessment (RCSA) is utilized to construct plans for risk management, which can include the location of where to implement the procedures for quality assurance and quality control.

In a business impact analysis (BIA), the phase of defining the business’s components and the component priorities has several objectives. Which of the following is not one of the objectives?

A company is notified that its servers have been compromised to be a jumping-off point to attack a host of other companies. The company quickly activates an incident response team (IRT), which is unable to locate the breach. The company then seeks the services of an outside firm that specializes in forensic analysis and intrusions. The outside firm locates the source of the breach and wants to monitor the actions of the intruder. However, the outside firm is informed by the client’s legal counsel that the company does not agree with this course of action. Which of the following statements best captures the effectiveness of the company’s IRT policies?

Which the following is not one the policies concerned with LAN-to-WAN Domain filtering and connectivity?

True or False? A trusted timestamp is a LAN control standard that explains the need for trusted timestamps and timeservers for audit record production.

__________ is a term that refers to a user’s capability to authenticate once to access the network and then have automatic authentication on different applications and devices afterward.

Which of the following types of baseline documents is most likely created to serve the demands of the Workstation Domain?

A major software company finds that code has been executed on an infected machine in its operating system. As a result, the company begins working to manage the risk and eliminates the vulnerability 12 days later. Which of the following statements best describes the company’s approach?

The National Security Information document EO 12356 explains the U.S. military classification scheme of Top Secret, Secret, Confidential, Sensitive but Unclassified, and Unclassified. Which of the following would be reasonably expected to cause grave damage to national security in the event of unauthorized disclosure?