CMIT 425 Asset Security Domain Questions PDF

Title	CMIT 425 Asset Security Domain Questions
Author	Cynthia Castellon
Course	Advanced Information Systems Security
Institution	University of Maryland Global Campus
Pages	3
File Size	47.3 KB
File Type	PDF
Total Downloads	61
Total Views	145

Preview

CLICK TO PREVIEW PDF

Summary

Download CMIT 425 Asset Security Domain Questions PDF

Description

CMIT 425 Asset Security Domain Questions 1. Which of the following is NOT a valid means to identify or label computer evidence? a. writing on printouts with permanent markers b. recording serial numbers c. writing a contents and ID tag file to a hard drive d. photographing the contents displayed on the monitor 2. Who is ultimately responsible for negligence in protecting the assets of an organization? a. Senior management b. Security team c. IT department d. Data custodian 3. Which security role addresses who decides on and controls access to data? a. b. c. d.

Custodian Server administrator Data owner End user

4. Which of the following is NOT a task assigned to a data owner? a. Assign classifications to data b. Dictate how information is to be protected c. Delegate security responsibilities to data custodians d. Implement security controls 5. A data _____________ is a copy of data that is no longer in use, but is kept in case it is needed at some future point. It is usually removed from the original location so that the storage space is available for data in use. a. Archive b. Backup c. Catalog d. None of the above 6. A data _____________ is a copy of a data set currently in use that is made in order to recover from the loss of the original data. It normally becomes less useful over time. a. b. c. d.

Archive Backup Catalog None of the above

7. When classifying information, the _______ of the information is a measure of how a loss of the information would impact the fundamental business activities of the organization. a. b. c. d.

age criticality sensitivity None of the above

8. When classifying information, the _______ of the information is a measure of the losses to an organization should the information be revealed to unauthorized parties. a. age b. criticality c. sensitivity d. None of the above 9. When classifying information, the terms “private”, “proprietary” and “sensitive” are usually associated with _____________ organizations. a. commercial b. foreign c. governmental d. None of the above 10. When classifying information, the terms “unclassified”, “secret” and “top secret” are usually associated with _____________ organizations. a. commercial b. foreign c. governmental d. None of the above 11. Which of the following classification types is used in both governmental and commercial organizations: a. Confidential b. Secret c. Sensitive d. Top Secret 12. __________________ applies data protection policies to data at rest and data in use. a. b. c. d.

Endpoint DLP Network DLP Static DLP Transient DLP

13. __________________ applies data protection policies to data in motion. a. Endpoint DLP b. Network DLP c. Static DLP d. Transient DLP 14. __________________ is a measure of the magnetic flux density that is left over on magnetic storage media after it is erased. a. Data leak prevention b. Data resiliency c. Data remanence d. None of the above 15. __________________ involves using a powerful magnetic force on conventional disk drives or tapes to remove or reduce the magnetic field patterns and destroy data. a. b. c. d.

Degaussing Encryption Overwriting Physical destruction...