What kind of risk did management fail to consider?
John’s company bought security liability insurance covering the cost of equipment only to find that the policy did not fully compensate for the damage done after thieves broke in and stole the data center equipment, because the loss in productivity had not been factored in. What kind of risk did management fail to consider?
Which of the following represents the best approach to implementing a security program?
Which of the following represents the best approach to implementing a security program?
what kind of security failure?
"Shoulder surfing" is an example of what kind of security failure?
which kinds of security controls?
Encryption and monitoring represent which kinds of security controls?
Which of the following should be done upon the hiring of personnel?
Which of the following should be done upon the hiring of personnel?
Which describes the proper relationship of the words “threat,” “exposure,” and “
Which describes the proper relationship of the words "threat," "exposure," and "risk"?
Which of the following defines a countermeasure?
Which of the following defines a countermeasure?
Which entity provides formal authorization on access decisions?
Which entity provides formal authorization on access decisions?
What should the trainers answer be?
In your companys first ever security awareness training class, Ron asked the question "Why do we have to have security awareness training anyway?" What should the trainers answer be?
Control Objectives for Information and related Technology provides all of the following except:
Control Objectives for Information and related Technology provides all of the following except:
i. control objectives
ii. control practices
iii. goal indicators
iv. performance indicators
v. success factors
vi. maturity models