Information Security And IT Risk Management 1st Edition by Manish Agrawal – Test Bank

$20.00

Pay And Download

 

Complete Test Bank With Answers

 

 

 

Sample Questions Posted Below

 

 

 

 

 

Information security and IT risk management – Question bank

By Manish Agrawal, Alex Campoe and Eric Pierce

  • Chapter 5 – Asset identification and characterization

 

  1. The majority of information security incidents are identified by
    1. a) Organizations other than the affected organization
    2. b) Investigators
    3. c) The affected organizations
    4. d) Law enforcement

Answer: (a)

  1. The ISO standard for information security is
    1. a) ISO 9000
    2. b) ISO 27002
    3. c) ISO 14000
    4. d) ISO 3166

Answer: (b)

  1. Checklist based approaches can be used to identify
    1. a) Asset priorities
    2. b) Idiosyncratic assets
    3. c) General assets
    4. d) Assets

Answer: (c)

  1. Bottom-up and top down approaches are needed to identify
    1. a) Asset priorities
    2. b) General assets
    3. c) Assets
    4. d) Idiosyncratic assets

Answer: (d)

  1. An example of a top-down approach to asset identification is
    1. a) Reading the mission statement of the organization
    2. b) Talking to co-workers
    3. c) Reading on-boarding documentation
    4. d) All of the above

Answer: (a)

  1. Information assets are
    1. a) Software tools needed to accomplish the organization’s mission
    2. b) Digitally stored content owned by an individual or organization
    3. c) Employees whose departure could adversely affect the organization
    4. d) Machinery involved in supporting the business

Answer: (b)

  1. Personnel assets are
    1. a) Software tools needed to accomplish the organization’s mission
    2. b) Digitally stored content owned by an individual or organization
    3. c) Employees whose departure could adversely affect the organization
    4. d) Machinery involved in supporting the business

Answer: (c)

  1. Hardware assets are
    1. a) Software tools needed to accomplish the organization’s mission
    2. b) Digitally stored content owned by an individual or organization
    3. c) Employees whose departure could adversely affect the organization
    4. d) Machinery involved in supporting the business

Answer: (d)

  1. Software assets are
    1. a) Software tools needed to accomplish the organization’s mission
    2. b) Digitally stored content owned by an individual or organization
    3. c) Employees whose departure could adversely affect the organization
    4. d) Machinery involved in supporting the business

Answer: (a)

  1. In most organizations, the most important assets from the perspective of information security are
    1. a) Hardware assets
    2. b) Information assets
    3. c) Software assets
    4. d) Personnel assets

Answer: (b)

  1. Tracking attributes are used for
    1. a) Software assets
    2. b) Personnel assets
    3. c) Hardware assets
    4. d) Information assets

Answer: (c)

  1. Methods of hardware asset discovery include
    1. a) Network scanning
    2. b) Asset reviews
    3. c) Purchase reviews
    4. d) All of the above

Answer: (d)

  1. The parameters used to characterize assets are
    1. a) Asset sensitivity and asset criticality
    2. b) Asset confidentiality and asset restrictions
    3. c) Restricted and unrestricted assets
    4. d) Essential, required and deferrable assets

Answer: (a)

  1. Based on sensitivity, assets are classified as
    1. a) Essential, required, deferrable
    2. b) Restricted, unrestricted
    3. c) Information, personnel, hardware
    4. d) Hardware, software, legal

Answer: (b)

  1. Asset sensitivity refers to
    1. a) Data that cannot be disclosed to outsiders
    2. b) Importance of an asset to the immediate survival of an organization
    3. c) The damage caused to an organization from a breach of confidentiality or integrity of an asset
    4. d) Data that is not classified as restricted

Answer: (c)

  1. Restricted assets are
    1. a) Assets whose loss would cause severe repercussions to the organization immediately
    2. b) Importance of an asset to the immediate survival of an organization
    3. c) The damage caused to an organization from a breach of confidentiality or integrity of an asset
    4. d) Assets whose disclosure or alteration would have adverse consequences for the organization

Answer: (d)

  1. Asset criticality refers to
    1. a) A measure of the importance of an asset to the immediate survival of an organization
    2. b) Contractual arrangements that guide the use of hardware and software assets within the organization
    3. c) Adverse consequences for the organization upon disclosure of information
    4. d) Damage caused to the organization from a breach of confidentiality or violation of integrity of an asset

Answer: (a)

  1. Based on criticality, assets are classified as
    1. a) Restricted, unrestricted
    2. b) Essential, required, deferrable
    3. c) Information, personnel, hardware
    4. d) Hardware, software, legal

Answer: (b)

  1. Asset criticality is usually associated with the impact of an asset on
    1. a) Confidentiality
    2. b) Integrity
    3. c) Availability
    4. d) Sensitivity

Answer: (c)

  1. Essential assets are those whose loss of availability
    1. a) Could be acceptable
    2. b) Could be tolerated for a short period of time
    3. c) Could cause confidentiality breaches
    4. d) Would cause immediate severe repercussions to the organization

Answer: (d)

  1. Required assets are those whose loss of availability
    1. a) Could be tolerated for a short period of time
    2. b) Could be acceptable
    3. c) Is not acceptable even for a short period of time
    4. d) Would cause immediate severe repercussions to the organization

Answer: (a)

  1. Deferrable assets are those whose loss of availability
    1. a) Could be acceptable
    2. b) Could be tolerated for a short period of time
    3. c) Would cause immediate severe repercussions to the organization
    4. d) Is not acceptable even for a short period of time

Answer: (b)

  1. The stages in an IT asset life cycle include
    1. a) Reduce, reuse, recycle
    2. b) Plan, do, check, act
    3. c) Plan, acquire, deploy, manage, retire
    4. d) Concept, definition, launch, perform, close

Answer: (c)

  1. The most appropriate IT lifecycle stage to evaluate an organization’s processes is the
    1. a) Retirement stage
    2. b) Deployment stage
    3. c) Management stage
    4. d) Planning stage

Answer: (d)

  1. RFPs, ITNs, ITBs are associated with the
    1. a) Acquiring stage
    2. b) Deployment stage
    3. c) Management stage
    4. d) Planning stage

Answer: (a)

 

There are no reviews yet.

Add a review

Be the first to review “Information Security And IT Risk Management 1st Edition by Manish Agrawal – Test Bank”

Your email address will not be published. Required fields are marked *

Category:
Updating…
  • No products in the cart.