Blog

In order to be compliant with Payment Card Industry Data Security Standard (PCI DSS), one of the control objectives that should be included in one’s security policies and controls is maintaining a vulnerability management program. This control objective:

True or False? A number of U.S. laws are designed to provide confidence in the financial markets.

True or False? It is generally recommended that security policies focus on specific products rather than broader capabilities.

The concept of __________ comes from the acknowledgment that data changes form and often gets copied, moved, and stored in many places. Sensitive data often leaves the protection of application databases and ends up in emails, spreadsheets, and personal workstation files.

The Family Educational Rights and Privacy Act (FERPA) requires several key elements in a security policy for compliance. Which of the following is a key element that states that schools can share information without permission for legitimate education evaluation reasons as well as for health and safety reasons?

True or False? To build a frame work for security policies and controls, one can use the following approach: (1) document the concepts and principles you will adopt, (2) apply them to security policies and standards, and (3) develop security controls and procedures.

True or False? Of the eight classic personality types in the workplace, Avoiders tend to do what’s asked of them but not much more.

A switch, router, and firewall are most commonly part of which domain of a typical IT infrastructure?

True or False? The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard that describes how to protect credit card information.

__________ refers to an attempt to cause fear or major disruptions in a society through hacking computers. Such attacks target government computers, major companies, or key areas of the economy.