How are data and information related?
A. Data is a collection of structured and unstructured information
B. Information consists of facts and statistics collected together for reference or analysis
C. When meaning and value are assigned to data, it becomes information
Answer: C
Explanation: Data and information are related concepts,...
What is an example of the indirect damage caused by this fire?
There was a fire in a branch of the company Midwest Insurance. The fire department quickly arrived at the scene and could extinguish the fire before it spread and burned down the entire premises. The server, however, was destroyed in the fire. The backup tapes kept in another room had...
__________ is a software used or created by hackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.
A. Trojan
B. Operating System
C. Virus
D. Malware
Answer: D
Explanation: Malware is a software used or created by hackers to disrupt computer operation, gather sensitive...
What controls can you do to protect sensitive data in your computer when you go out for lunch?
A. You activate your favorite screen-saver
B. You are confident to leave your computer screen as is since a password protected screensaver is installed and it is set to activate after 10...
What type of compliancy standard, regulation or legislation provides a code of practice for information security?
A. ISO/IEC 27002
B. Personal data protection act
C. Computer criminality act
D. IT Service Management
Answer: A
Explanation: ISO/IEC 27002:2022 is an international standard that provides a code of practice for information security...
Which security principle is violated?
A hacker gains access to a web server and reads the credit card numbers stored on that server. Which security principle is violated?
A. Availability
B. Confidentiality
C. Integrity
D. Authenticity
Answer: B
Explanation: Confidentiality is one of the security principles that states that only authorized parties should have access...
What is a qualitative risk analysis?
A couple of years ago you started your company which has now grown from 1 to 20 employees. Your company’s information is worth more and more and gone are the days when you could keep control yourself. You are aware that you have to take measures, but what should they...
Changes on project-managed applications or database should undergo the change control process as documented.
A. True
B. False
Answer: A
Explanation: Changes on project-managed applications or database should undergo the change control process as documented, because this is a requirement of ISO/IEC 27001:2022 clause 12.1.2, which states that “the organization...
Which of the following does a lack of adequate security controls represent?
A. Asset
B. Vulnerability
C. Impact
D. Threat
Answer: B
Explanation: A lack of adequate security controls represents a vulnerability, which is a weakness or flaw in an asset or its protection that can be exploited by a...
What is a reason for the classification of information?
A. To provide clear identification tags
B. To structure the information according to its sensitivity
C. Creating a manual describing the BYOD policy
Answer: B
Explanation: The reason for the classification of information is to structure the information according to its...