FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 12: Information Security Maintenance

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 51

Essay

Review LaterAdd Note

Review Later

List the five domains of the recommended maintenance model.

Correct Answer

verified

The recommended maintenance model is bas...

View Answer

Show Answer

Question 52

Multiple Choice

Review LaterAdd Note

Review Later

There are ____ common vulnerability assessment processes.

A) two
B) three
C) four
D) five

E) None of the above
F) B) and C)

Correct Answer

verified

Show Answer

Question 53

Multiple Choice

Review LaterAdd Note

The ____ vulnerability assessment process is designed to find and document selected vulnerabilities that are likely to be present on the internal network of the organization.

Using scripted dialing attacks against a pool of phone numbers is often called war ____________________.

The primary goal of the ____________________ monitoring domain is to maintain an informed awareness of the state of all of the organization's networks,information systems,and information security defenses.

When the amount of data stored on a particular hard drive averages 30-40% of available capacity for a prolonged period,consider an upgrade for the hard drive.

The CISO uses the results of maintenance activities and the review of the information security program to determine if the status quo can adequately meet the threats at hand._________________________

One approach that can improve the situational awareness of the information security function uses a process known as ____ to quickly identify changes to the internal environment.

An example of the type of vulnerability exposed via traffic analysis occurs when an organization is trying to determine if all its device signatures have been adequately masked._________________________

All systems that are mission critical should be enrolled in PSV measurement.

Court decisions generally do not impact agency policy.

A ____ is the recorded state of a particular revision of a software or hardware configuration item.

A trouble ticket is closed when a user calls about an issue._________________________

The optimum approach for escalation is based on a thorough integration of the monitoring process into the ____.

Rehearsals that closely match reality are called ____________________ games.

Detailed ____ on the highest risk warnings can include identifying which vendor updates apply to which vulnerabilities as well as which types of defenses have been found to work against the specific vulnerabilities reported.

Each phase of the SDLC includes a(n)maximum set of information security-related activities required to effectively incorporate security into a system._________________________

The ____ mailing list includes announcements and discussion of an open-source IDPS.

____________________ is the process of reviewing the use of a system,not to check performance,but rather to determine if misuse or malfeasance has occurred.

A(n) ____ item is a hardware or software item that is to be modified and revised throughout its life cycle.