3 Months Free Update
Mark is the project manager of the HAR Project. The project is scheduled to last for eighteen months, and six months have already passed. Management asks Mark how often the project team is participating in the risk reassessment of this project. What should Mark tell management if he is following the best practices for risk management?
You work as a project manager for TYU project. You are planning for risk mitigation. You need to identify the risks that will need a more in-depth analysis. Which of the following activities will help you in this?
Allen works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate a computer, which is used by the suspect to sexually harass the victim using an instant messenger program. The suspect's computer runs on the Windows operating system. Allen wants to recover the password from the instant messenger program that the suspect is using, to collect evidence of the crime. Allen is using Helix Live for this purpose. Which of the following utilities of Helix will he use to accomplish the task?
Which of the following refers to the ability to ensure that the data is not modified or tampered with?
Which of the following defines the communication link between a Web server and Web applications?
Which of the following contract types is described in the statement below?
"The seller is reimbursed for all allowable costs for performing the contract work, and receives a fixed payment calculated as a percentage for the initial estimated project costs."
Fill in the measurements of the SFX form factor style power supply in the blank spaces.
The SFX form factor style power supply is ______ mm wide, ______ mm deep, and ______ mm in height.
Which of the following response teams aims to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing among members and the community at large?
Which of the following documents is necessary to continue the business in the event of disaster or emergency?
Which of the following tasks is prioritized the most by the information security strategy?
Which of the following processes hides one set of IP addresses used for internal traffic only while exposing a second set of addresses to external traffic?
Which of the following systems monitors the operating system detecting inappropriate activity, writing to log files, and triggering alarms?
Which of the following TCB techniques involves viewing system components at a high level and ignoring or segregating its specific details?
Fill in the blank space with the appropriate power supply form factor.
_________ form factor is similar to LPX form factor in physical dimensions.
In which of the following DRP tests does business unit management meet to review the plan?
Fill in the blank with the appropriate number:
RAID-______ is a combination of RAID-1 and RAID-0.
Which of the following SSE-CMM security engineering Process Areas (PA) provides the security input?
Which of the following individuals incorporates risk assessment in training programs for the organization's personnel?
Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?
Which of the following Tier 1 policies will identify who is responsible for what?
Which of the following strategies is used to minimize the effects of a disruptive event on a company, and is created to prevent interruptions to normal business activity?
Which of the following processes helps the organization to identify appropriate controls for reducing or eliminating risk during the risk mitigation process?
Which of the following roles is responsible for review and risk analysis of all contracts on a regular basis?
In which of the following managing styles does the manager supervise subordinates very closely and give detailed directions?
Which of the following sources is the best for developing Recovery Time Objectives (RTO)?
Which of the following types of agreement can be a legally binding formal or informal "contract"?
You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer. The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?
Which of the following is prepared by the business and serves as a starting point for producing the IT Service Continuity Strategy?
Which of the following types of control gives an instance of the audit log?
A Web-based credit card company had collected financial and personal details of Mark before issuing him a credit card. The company has now provided Mark's financial and personal details to another company. Which of the following Internet laws has the credit card issuing company violated?
Which of the following types of controls focuses on stopping a security breach from taking place in the first place?
Which of the following are some of the parts of a project plan?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following features of the Cisco MDS 9000 SAN Extension over IP Package help in implementing efficient FCIP-based business-continuity and disaster-recovery solutions?
Each correct answer represents a complete solution. Choose all that apply.
You work as a Network administrator for Infonet Inc. The company has 135 Windows XP Professional computers and twenty Windows 2003 Server computers. You want to specify the number of invalid logon attempts allowed before a user account is locked out. What will you do to accomplish the task?
Who among the following has the ultimate responsibility for the protection of the organization's information?
You work as an Incident handling manager for Orangesect Inc. You detect a virus attack incident in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the Incident handling process will utilize the signature to resolve this incident?
You are responsible for network and information security at a large hospital. It is a significant concern that any change to any patient record can be easily traced back to the person who made that change. What is this called?
Software Development Life Cycle (SDLC) is a logical process used by the programmers to develop software. Which SDLC phase meets the following audit objectives?
- System and data are validated.
- System meets all user requirements.
- System meets all control requirements.
Which of the following processes involves reducing the risk until it reaches a level acceptable to an organization?
Which of the following cryptographic system services ensures that the information will not be disclosed to any unauthorized person on a local network?
In risk analysis, which of the following can be identified as a consequence of a disaster?
In which of the following managing styles does the manager supervise subordinates very closely and give detailed directions?
Organizations must assess the safety of their workplaces and consider the ability of a business to continue despite risk impact. When assessing business continuity risks, the HR Professional must consider several different types of disasters, their probability, and impact on an organization. What category of disaster is best described as acts of terrorism, major thefts, sabotage, or labor disputes?
Which of the following processes helps to quantify the impact of potential threats to put a price or value on the cost of lost business functionality?
Which of the following control measures are considered while creating a disaster recovery plan?
Each correct answer represents a part of the solution. Choose three.
Which of the following procedures is designed to enable security personnel to identify, mitigate, and recover from malicious computer incidents, such as unauthorized access to a system or data, denial-of-service attacks, or unauthorized changes to system hardware, software, or data?
Which of the following documents helps disaster recovery team members in getting the alternate sites up and running?
Which of the following BCP teams is the first responder and deals with the immediate effects of the disaster?
Which of the following documents is necessary to continue the business in the event of disaster or emergency?
You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer. The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?
Which of the following should the administrator ensure during the test of a disaster recovery plan?
Which of the following SSE-CMM security engineering Process Areas (PA) specifies the security needs?
Which of the following documents provides a high-level view of the entire organization's disaster recovery efforts?
You work as a Network administrator for Infonet Inc. The company has 135 Windows XP Professional computers and twenty Windows 2003 Server computers. You want to specify the number of invalid logon attempts allowed before a user account is locked out. What will you do to accomplish the task?
Fill in the blank:
A ___________ plan is a plan devised for a specific situation when things could go wrong.
Which of the following sites is a non-mainstream alternative to a traditional recovery site?
Configuration Management (CM) is an Information Technology Infrastructure Library (ITIL) IT Service Management (ITSM) process. Configuration Management is used for which of the following?
Each correct answer represents a part of the solution. Choose all that apply.
You work as a project manager for TYU project. You are planning for risk mitigation. You need to identify the risks that will need a more in-depth analysis. Which of the following activities will help you in this?
Which of the following values must ensure that the Maximum Tolerable Period of Disruption (MTPD) for each activity is not exceeded?
Which of the following subphases are defined in the maintenance phase of the life cycle models?
Each correct answer represents a part of the solution. Choose all that apply.
Fill in the blank:
A ______ plan is a plan devised for a specific situation when things could go wrong.
Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?
Which of the following disaster recovery tests includes the operations that shut down at the primary site, and are shifted to the recovery site according to the disaster recovery plan?
Which of the following classification schemes is considered to be of a personal nature and is intended for company use only?
Which of the following sets of incident response practices is recommended by the CERT/CC?
Fill in the blank with the appropriate number:
RAID-________ is a combination of RAID-1 and RAID-0.
Which of the following tests ensures that the organization complies with the requirements of the disaster recovery plan?
Which of the following processes is involved in identifying, measuring, and controlling events?
Which of the following actions can be performed by using the principle of separation of duties?
Which of the following statements are true about classless routing protocols?
Each correct answer represents a complete solution. Choose two.
Which of the following BCP teams assesses the damage of the disaster in order to provide the estimate of the time required to recover?
Fill in the blank space with the appropriate power supply form factor.
_________ form factor is similar to LPX form factor in physical dimensions.
Which of the following is the phase of Incident handling process in which the distinction between an event and an incident is made?
Which of the following options is an activity of observing the content that appears on a computer monitor or watching what a user is typing?
John, a novice web user, makes a new e-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following methods is a means of ensuring that system changes are approved before being implemented, and the implementation is complete and accurate?
Fill in the blank with the appropriate number:
RAID-________ is a combination of RAID-1 and RAID-0.
You work as a senior project manager in SoftTech Inc. You are working on a software project using configuration management. Through configuration management, you are decomposing the verification system into identifiable, understandable, manageable, traceable units that are known as Configuration Items (CIs). According to you, which of the following processes is known as the decomposition process of a verification system into Configuration Items?
Which of the following processes acts as a control measure that provides some amount of protection to the assets?