
CNG 131 Chapter 16

True/False
Indicate whether the sentence or statement is true or false.
 

1. A disaster recovery plan defines the resources, actions, and data required to reinstate critical business processes that have been damaged or disabled because of a disaster.
 

2. Organizations with extensive business-critical data processing and storage requirements should also assess the need for off-site storage.
 

3. A reciprocal backup agreement is a very expensive way to keep data safe and in separate locations.
 

4. Software errors cannot be a cause for erroneous data to be added or removed from a database.
 

5. The company will want to increase the level of trust it places on one person for high-risk activities.
 

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.
 

6. A very cost-effective way to keep data safe and in separate locations by agreeing with another company to back up and store each other's data is called a(n):
a. need-to-know
b. reciprocal backup agreement
c. SLA
d. None of the above
 

7. What protects the confidentiality of information and the integrity of systems by keeping unauthorized users out of computer systems?
a. incident response policy
b. due care
c. password management
d. data backup
 

8. A method for establishing information dissemination in which users should only have access to information and resources they need to know about is called the:
a. need-to-know
b. incident response policy
c. due care
d. SLA
 

9. What inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system?
a. code of ethics
b. data backups
c. due care
d. intrusion detection systems
 

10. A written policy that covers how to deal with a security incident after it has already transpired is called a(n):
a. code of ethics
b. incident response policy
c. due care
d. reciprocal backup agreement
 

11. What do you call reasonable precautions that are being taken that indicate an organization is being responsible?
a. need-to-know
b. code of ethics
c. due care
d. None of the above
 

12. What does SLA stand for?
a. Service Level Agreements
b. System Linking Attributes
c. Support Level Agreements
d. System Level Agreement
 

13. What does IDS stand for?
a. internal detection systems
b. inbound detection systems
c. internal detection sniffer
d. intrusion detection systems
 

14. What does MAC stand for?
a. modem access control
b. media access control
c. medium access computer
d. media accountability control
 

15. Which of the following are access control lists?
a. discretion access control
b. system access control
c. role-based access control
d. All of the above
 

16. Which of the following events can cause outages?
a. hardware failure
b. software failure
c. malicious attack
d. All of the above
 

17. Which of the following is a main type of backup facility?
a. neutral site
b. closed site
c. warm site
d. None of the above
 

18. Which of the following is a step in a disaster recovery plan?
a. business impact statement
b. documenting the server
c. stop using compromised equipment
d. All of the above
 

19. Which of the following should be included in an effective backup strategy?
a. backup medium
b. backup verify
c. backup storage
d. All of the above
 

20. Which of the following are potential disaster threat categories?
a. natural
b. external
c. internal
d. All of the above
 

Matching
 
 
Please match the best term from the list below to the most appropriate concept.
a. data backup
b. incident response policy
c. code of ethics
d. reciprocal backup agreement
e. need-to-know
f. due care
g. intrusion detection systems
h. password management
 

21. Reasonable precautions are being taken indicating responsibility.
 

22. Cost-effective way to keep data safe by agreement with another company.
 

23. HR policy that defines the company's stance on security and resources.
 

24. Information dissemination in which users only have access if they need to know about it.
 

25. Backing up all mission-critical data.
 
 
Please match the best term from the list below to the most appropriate concept.
a. RBAC
b. DAC
c. intrusion detection system
d. code of ethics
e. password management
f. preparation
g. incident response policy
h. incident response policy
 

26. Policy that covers how to deal with a security incident after it has transpired.
 

27. Protects the confidentiality of information and system integrity.
 

28. Inspects all inbound and outbound network activity and identifies suspicious patterns.
 

29. Control list which allows users access to files, services or resources based on the user's role in the organization.
 

30. Being ready before an incident occurs.
 



 