Information
Below is Purpose of "Integrity", which is one of the Basic Components of Information Security
B
-------------------------is an asset like other important business assets has value to an organization and
consequently needs to be protected.
C
Information
Information
Information
Information
Information
Data is an asset like other important business assets has value to an organization and consequently needs to be protected
Information
C. Information
C. Information
All of these are assets that an organization must protect.
What is we do in ACT - From PDCA cycle
B
Take actions to continually improve process performance
Take actions to continually improve process performance
Take actions to continually improve process performance
Take actions to continually improve process performance
B. Take actions to continually improve process performance
Take actions to continually improve process performance
Continuly improve process performance
B. Take actions to continually improve process performance
B. Take actions to continually improve process performance
The "Act" phase is where you standardize successful changes, or take corrective actions if the results were not as expected.
Implement plan on a test basis - this comes under which section of PDCA
B
The answer is "DO"
Do Implement plan on a test basis
The answer is B:Do
B. Do B. Do
the answer is B. Do
Check implement plan on a test basis
Do under pdca
This comes under section of PDCA Do
When you "implement a plan on a test basis," you are performing the "Do" portion of the PDCA
Which is the glue that ties the triad together
A
Process is the glue that triad togather
Process is the glue that ties the triad together
A Process
A, Process
A. Process
Process is a triad
A. Process
people are the essential element that makes the other parts of an information security system function. They are the "glue" that holds it all together.
Who are allowed to access highly confidential files?
C
Employee with signed NDA have a business need to know
Employees with signed NDA have a business need-to-know
Employees with signed NDA have a business need-to-know
Employees with signed NDA have a business need-to-know
Employees with signed NDA have a business need-to-know
C. Employees with signed NDA have a business need-to-know
Employee with nda
C. Employees with signed NDA have a business need-to-know
while contractors and non-employees might have access in some cases, the core of the answer is employees that have a business need to know.
Which is not a requirement of HR prior to hiring?
C
Must undergo Awareness training on information security.
Must undergo Awareness training on information security
Must undergo Awareness training on information security.
Must undergo Awareness training on information security.
C. Must undergo Awareness training on information security.
Awareness training on information security is typically conducted after an individual is hired and becomes an employee.
CMM stands for?
C
Capacity Maturity Model
Capability Maturity Model
Capability Maturity Model
Capability Maturity Model
Capability Maturity Model
C. Capability Maturity Model
CMM can also stand for "Coordinate Measuring Machine" in the field of metrology. 1 So the context of the question is very important. But in the context of software development process improvement, it is Capability Maturity Model
In acceptable use of Information Assets, which is the best practice?
A
A is the answer
Access to information and communication systems are provided for business purpose only
Access to information and communication systems are provided for business purpose only
Access to information and communication systems are provided for business purpose only
A. Access to information and communication systems are provided for business purpose only
A. Access to information and communication systems are provided for business purpose only
This principle aligns with the core idea of responsible and productive use of company resources. It minimizes risks, maximizes efficiency, and protects sensitive information.
All are prohibited in acceptable use of information assets, except:
C
Company-wide e-mails with supervisor/TL permission.
Company-wide e-mails with supervisor/TL permission.
Company-wide e-mails with supervisor/TL permission
Company-wide e-mails with supervisor/TL permission
C. Company-wide e-mails with supervisor/TL permission.
C. Company-wide e-mails with supervisor/TL permission.
While company-wide emails should be used judiciously, they are sometimes necessary for important announcements or updates. With supervisor/TL permission, there is oversight and control.
Information Security is a matter of building and maintaining ________ .
B
Information Security is a matter of building and maintaining Trust
B. Trust trust
B trust b trust
B. Trust B. Trust
A. Confidentiality
It has to be trust. If we choose confidentiality then its not only in the CIA TRIAD, rather integrity and availability would also need to be mentioned.
Phishing is what type of Information Security Incident?
B
Cracker/Hacker Attacks
Cracker/Hacker Attacks
Cracker/Hacker Attacks
Cracker/Hacker Attacks
Cracker/Hacker Attacks
B. Cracker/Hacker Attacks
B. Cracker/Hacker Attacks
Phishing is a social engineering attack used by malicious actors (crackers/hackers) to deceive individuals into revealing sensitive information.1 It's a method they employ to gain unauthorized access
The following are the guidelines to protect your password, except:
B,C
For easy recall, use the same password for company and personal accounts
For easy recall, use the same password for company and personal accounts
For easy recall, use the same password for company and personal accounts
For easy recall, use the same password for company and personal accounts
Utiliser le même mot de passe pour les comptes de l'entreprise et les comptes personnels n'est pas recommandé car cela augmente le risque de compromission de la sécurité.
D. Change a temporary password on first log-on
Using the same password across multiple accounts, especially company and personal, significantly increases the risk. If one account is compromised, all accounts using that password are vulnerable
The following are purposes of Information Security, except:
C
Increase Business Assets
Increase Business Assets
Increase Business Assets
Increase Business Assets
Increase Business Assets
C. Increase Business Assets
n'est pas un objectif direct de la sécurité de l'information
D. Maximize Return on Investment
Which of the following is not a type of Information Security attack?
B
Vehicular incident
Vehicular Incidents
Vehicular Incidents
Vehicular Incidents
Vehicular Incidents
Vehicular Incidents
Vehicular Incidents
Vehicular Incidents
B. Vehicular Incidents
Vehicular Incidents
B. Vehicular Incidents
B. Vehicular Incidents
Vehicular incidents, while potentially disruptive, are not directly related to attacks on information systems or data.
the property of safeguarding the accuracy and completeness of assets.
the property of safeguarding the accuracy and completeness of assets
ddddddddddddddddddddddddddddddddddddddddd
the property of safeguarding the accuracy and completeness of assets.
the property of safeguarding the accuracy and completeness of assets.
the property of safeguarding the accuracy and completeness of assets.
the property of safeguarding the accuracy and completeness of assets.
the property of safeguarding the accuracy and completeness of assets
the property of safeguarding the accuracy and completeness of assets.
the property of safeguarding the accuracy and completeness of assets.
the property that information is not made available or disclosed to unauthorized individuals
Safeguarding the accuracy and completeness of the assests
C. the property that information is not made available or disclosed to unauthorized individuals
B. the property of safeguarding the accuracy and completeness of assets.
B. the property of safeguarding the accuracy and completeness of assets.
Integrity is the pillar of information security that safeguards the accuracy of the data
Integrity in information security focuses on ensuring that data is accurate, consistent, and reliable. It's about preventing unauthorized modifications or corruptions.