WGU C725 Questions and Answers Latest Updated 2022 Rated A

Document Content and Description Below

WGU C725 Questions and Answers Latest Updated 2022 Rated A Information security is primarily a discipline to manage the behavior of ✔✔People Careers in information security are booming because ... of which of the following factors? ✔✔threat of cyber terrorism, gov regs, growth of the internet Which of the following best represents the three objectives of information security? ✔✔CIA A program for information security should include which of the following elements? ✔✔Security policies and procedures Which of the following topics are part of an information security practice? ✔✔Laws and ethical practices, access controls, security architecture Which college curriculum is more appropriate for a career in information security ✔✔business admin and comp info sciences The formal study of information security has accelerated primarily for what reason? ✔✔(increasingly interconnected global networks) Cybersecurity is like an umbrella. Under the umbrella are the following: ✔✔Compliance, policies, standards, admin, auditing, software dev security, permission controls, incident response, physical security, intrusion detection and prevention, ops controls, antivirus, security testing, training and awareness, key management, public key infrastructure, disaster recovery, access controls The growing demand for InfoSec specialists is occurring predominantly in which of the following types of organizations ✔✔Gov, corporations, not for profit foundations What is meant by the phrase "the umbrella of information security"? ✔✔IS incorporates many different pursuits and disciplines Which of the following roles helps development teams meet security requirements? ✔✔Security consultants Secuyrity consultants do this: ✔✔perform risk analysis of new systems by balancing the needs of business with the threats that stem from opening up access to data or managing new information that could compromise the business if it fell into the wrong hands. Who is responsible for ensuring that systems are auditable and protected from excessive privileges? ✔✔Security admins Security admins do this ✔✔help to establish new user accounts, ensure that auditing mechanisms are present and operating as needed, ensure that communications between systems are securely implemented, and assist in troubleshooting problems and responding to incidents that could compromise confidentiality, integrity, or availability of the systems. Which of the following roles is responsible for ensuring that third-party suppliers and outsourced functions remain in security compliance? ✔✔Vendor managers Vendor managers are needed to ✔✔ensrue that outsourced functions are operating within security policies and standards Confidentiality is sometimes referred to as ✔✔the principle of least privilege, meaning that users should be given only enough privilege to perform their duties, and no more. Some other synonyms for confidentiality you might encounter include privacy, secrecy, and discretion. Confidentiality models are primarily intended to ✔✔ensure that no unauthorized access to information is permitted and that accidental disclosure of sensitive information is not possible. Common confidentiality controls are user IDs and passwords Related to information security, confidentiality is the opposite of which of the following? ✔✔Disclosure One way to think of the CIA triad... ✔✔Protect the confidentiality of data Preserve the integrity of data Promote the availability of data for authorized use Integrity models ... ✔✔keep data pure and trustworthy by protecting system data from intentional or accidental changes. Integrity models have three goals: ✔✔Prevent unauthorized users from making modifications to data or programs Prevent authorized users from making improper or unauthorized modifications Maintain internal and external consistency of data and programs An example of integrity checks is ✔✔balancing a batch of transactions to make sure that all the information is present and accurately accounted for. Availability models ... ✔✔keep data and resources available for authorized use, especially during emergencies or disasters. Information security professionals usually address three common challenges to availability: ✔✔Denial of service (DoS) due to intentional attacks or because of undiscovered flaws in implementation (for example, a program written by a programmer who is unaware of a flaw that could crash the program if a certain unexpected input is encountered) Loss of information system capabilities because of natural disasters (fires, floods, storms, or earthquakes) or human actions (bombs or strikes) Equipment failures during normal use Some activities that preserve confidentialit [Show More]

Last updated: 2 years ago

Preview 1 out of 41 pages