Blog

In order for an IT security framework to meet information assurance needs, the framework needs to include policies for several areas. Which of the following is not one of the areas?

In general, WAN-specific standards identify specific security requirements for WAN devices. For example, the __________ explains the family of controls needed to secure the connection from the internal network to the WAN router, whereas the__________ identifies which controls are vital for use of web services provided by suppliers and external partnerships.

True or False? Operational risk results from negative publicity regarding an organization’s practices.

Within the User Domain of a typical IT infrastructure is a range of user types. Each type has specific and distinct access needs. Which of the following types of users are external to the organization, provide services to the organization, and are not directly managed by the organization?

True or False? System administrators are typically responsible for audit coordination and response, physical security and building operations, and disaster recovery and contingency planning.

There are many ways that people can be manipulated to disclose knowledge that can be used to jeopardize security. One of these ways is to call someone under the false pretense of being from the IT department. This is an example of:

True or False? C-level executives, such as CIOs and CEOs, are often the target of social engineering.

True or False? A security awareness policy should inform workers of how to deal with unexpected risk.

True or False? Hacking is attractive because of the ease with which data can be obtained compared with social engineering.

True or False? A best practice is to require all users who access information to use unique credentials that identify who they are.