Blog

Mergers and acquisitions commonly introduce __________ risk, which may change how an organization operates.

A class of software that supports policy management and publication is called Governance, Risk, and Compliance (GRC). Which of the following explanations fits the “governance” category of the software?

If you are reacting to a malicious software attack, such as a virus and its spread, during which step in the incident response process are you attempting to minimize its spreading?

Which one of the following elements is not normally included in a log entry?

What tool allows you to view Windows security logs?

True or False? One obstacle to security policy implementation is lack of budget.

Separation of duties is a security control whereby the same person

True or False? Whereas quality assurance is an evaluation to indicate needed corrective responses, quality control is the act of giving confidence.

Assume your organization has 200 computers. You could configure a tool to run every Saturday night. It would query each of the systems to determine their configuration and verify compliance. When the scans are complete, the tool would provide a report listing all systems that are out of compliance, including specific issues. What type of tool is being described?

True or False? “Control environment” is a term for the overall way in which the organization’s controls are governed and executed, including how effectively the controls are implemented.