What type of document contains information on alternative business locations, IT resources, and personnel?
A. End-user license agreement
B. Nondisclosure agreement
C. Acceptable use policy
D. Security policy
E. Business continuity plan
Distinguish between the role of the data owner and the role of the data custodian. Complete the following sentence. The data owner is the:
A. department in the organization responsible for the data’s physical storage location. The data custodian is anyone who has access the data for any reason.
B. person or entity who accesses/and or manipulates data or information, in the course of assigned duties. The data custodian is a person or process with the appropriate level of privilege to access the data.
C. person or entity ultimately responsible for the security of an information asset. The data custodian is the person or entity responsible for imposing and enforcing policies and restrictions, dictated by the data owner.
D. person or process that originally creates the information. The data custodian is a role that shifts to any person or process currently accessing the data, and passes to the next person or process to access the data.
E. person or entity responsible for imposing and enforcing policies and restrictions, dictated by the functional user. The data custodian is a person or process who accesses and/or manipulates the information.
Which of the following is NOT a concern for enterprise physical security?
A. Network Intrusion Detection Systems
B. Social engineering
C. Dumpster diving
D. Property theft
E. Unauthorized access to a facility
A(n) _____________ is a quantitative review of risks, to determine how an organization continue to function, in the event a risk is realized. .
A. Monitored risk process
B. Disaster-recovery plan
C. Business impact analysis
D. Full interruption test
E. Information security audit
A(n)___________ is a one-way mathematical function that maps variable values into smaller values of a fixed length.
A. Symmetric key
C. Back door
D. Hash function
At ABC Corporation, access to critical information resources, such as database and e-mail servers, is controlled by the information-technology (IT) department. The supervisor in the department grants access to printers where the printer is located. Managers grant and revoke rights to files within their departments’ directories on the file server, but the IT department controls who has access to the directories. Which type of access-management system is in use at ABC Corporation?
A. Centralized access management
B. Role-based access management
C. Hybrid access management
D. Decentralized access management E-Privileged access management
One individual is selected from each department, to attend a security-awareness course. Each person returns to his department, delivering the course to the remainder of the department. After training is complete, each person acts as a peer coach. Which type of training is this?
A. On-line training
B. Formal classroom training
C. Train-the-mentor training
D. Alternating-facilitator training
E. Self-paced training
Which of the following are common failures that should be addressed in an (BCP) ? (Choose THREE.)
A. Connectivity failures
B. Accounting failures
C. Hardware failures
D. Utility failures
E. Personal failures
Which of the following is an example of a simple, physical-access control?
B. Access control list
C. Background check
Which of the following should be included in an enterprise Business Continuity Plan (BCP)? (Choose THREE.)
A. Accidental or intentional data deletion
B. Severe weather disasters
C. Employee terminations
D. Employee administrative leave
E. Minor power outages
Download Latest Checkpoint 156-110 Real Free Tests , help you to pass exam 100%.