
QUESTION 1

1. In what section of the remote access policy document you created in the lab did
you describe the organization-wide implementation of the remote access policy?
The Purpose/Objectives section
The Standards section
The Procedures section
The Guidelines section
4 points   
QUESTION 2
1. Apathy toward policies, clicking on an embedded URL or unknown e-mail
attachment within an e-mail message, and the loss of productivity by surfing the Web
during work hours are all considered risks and threats of the:
WAN Domain
User Domain.
Workstation Domain.
LAN Domain.
4 points   
QUESTION 3
1. In the lab, you defined the information systems security responsibility for each of
the seven domains of a typical IT infrastructure. In which domain are you most likely to
find an acceptable use policy (AUP), a confidentiality agreement, background checks on
employees, and disciplinary actions?
User Domain
Workstation Domain
WAN Domain
Remote Access Domain
4 points   
QUESTION 4
1. Which of the following should be updated to ensure the organization understands
the effects of a business outage?
The business continuity plan (BCP)
The business impact analysis (BIA)
The recovery point objective (RPO)
The recovery time objective (RTO)
4 points   
QUESTION 5
1. Based on your work in the lab, to which policy definition does the following policy
statement apply? 
The company’s most critical business functions should not be allowed to remain
interrupted for more than two days. Given adequate planning, testing, and failure-ready
infrastructure, the company should resume operations as soon as possible after a
catastrophic outage.
Business continuity: Business impact analysis (BIA)
Business continuity and disaster recovery
Asset protection
Production data backup
4 points   
QUESTION 6
1. Overlapping policies:
should be avoided.
is redundant and wastes valuable resources.
costs an organization too much money.
provides defense in depth.
4 points   
QUESTION 7
1. To be sure your security awareness training policy is effective, it should:
be applicable to all audiences.
speak directly to the target audience.
include technical terms to impress the target audience.
identify the security mistakes made by each member of the target audience.
4 points   
QUESTION 8
1. The purpose of an acceptable use policy (AUP) is to establish the rules for:
an individual user who poses a threat.
making an executive decision.
a specific group of employees.
a specific system, network, or Web site.
4 points   
QUESTION 9
1. How many domains are in the typical IT infrastructure?
Three
Five
Seven
Ten
4 points   
QUESTION 10
1. Based on your work in the lab, to which policy definition does the following policy
statement apply? 
Users are not allowed to connect personal devices which are not issued by the
company. Users are not allowed to run applications without business justification and
expressed written authorization. Users are permitted to access Internet content during
non-working hours.
Internet ingress/egress traffic and Web content filter
Access control
Asset protection
Remote access Virtual Private Network (VPN)
4 points   
QUESTION 11
1. Which of the following statements is true regarding Internet use and e-mail use?
Internet use and e-mail use are relatively unimportant and so infrequently abused
by employees that they are not worth covering in an acceptable use policy.
Federal law prohibits Internet use and e-mail use from being covered in an
acceptable use policy.
Internet use and e-mail use can be added to the scope of an acceptable use policy,
or they can be stand-alone policies within the User Domain.
Compliance laws stipulate how and when Internet use and e-mail use should be
covered in an acceptable use policy.
4 points   
QUESTION 12
1. Based on your work in the lab, to which policy definition does the following policy
statement apply? 
The company’s most critical business processes and functions must be identified and
assessed to facilitate disaster recovery and business continuity planning.
Business continuity: Business impact analysis (BIA)
Business continuity and disaster recovery
Asset protection
Production data backup
4 points   
QUESTION 13
1. In your Lab Report file, you wrote an IT security definition for one of the gaps you
had not previously identified a policy for by:
outlining the chain of command for the security process.
determining the most likely avenue for attack.
suggesting how to mitigate the risk involved.
recommending who would be responsible for any loss.
4 points   
QUESTION 14
1. To be sure your security awareness training policy is effective, it should:
be applicable to all audiences.
speak directly to the target audience.
include technical terms to impress the target audience.
identify the security mistakes made by each member of the target audience.
4 points   
QUESTION 15
1. In which step of the incident response methodology is the goal to restore the
system to normal operations?
Containment
Remediation
Recovery
Aftermath
4 points   
QUESTION 16
1. If you are reacting to a malicious software attack, such as a virus and its spread,
during which step in the incident response process are you attempting to minimize its
spreading?
Detection
Containment
Recovery
Aftermath
4 points   
QUESTION 17
1. Which of the following are considered high-level documents that answer the
“what” questions?
Policies
Standards
Guidelines and procedures
Regulations
4 points   
QUESTION 18
1. Which of the following areas of the organization is responsible for establishing
the policy commitment and implementation for the entire organization?
Executive Management
Supervisory-Level Management
Human Resources
IT Security Policy Enforcement Monitoring
4 points   
QUESTION 19
1. Which of the following documents answer the “how” questions?
Policies
Standards
Guidelines and procedures
Regulations
4 points   
QUESTION 20
1. The Health Insurance Portability and Accountability Act (HIPAA) requires a(n)
__________ approach to policy development.
cost-based
risk-based
vulnerability-based
employee-based
4 points   
QUESTION 21
1. The purpose of a business impact analysis (BIA) is to assess and align affected
IT systems, applications, and resources to their required:
business continuity plans (BCPs).
disaster recovery plans (DRPs).
recovery point objectives (RPOs).
recovery time objectives (RTOs).
4 points   
QUESTION 22
1. Which of the following statements is true regarding appropriate organization
action for employees who may be in violation of an organization’s acceptable use policy
(AUP)?
Reprimanding or reminding an employee of the AUP has proven to be an
insufficient response.
An employee who continues to violate an AUP may require disciplinary action.
An employee cannot be terminated for the violation of an organization’s AUP no
matter how many times the infractions occur.
AUPs are unenforceable at the organization level and can only be dealt with by law
enforcement.
4 points   
QUESTION 23
1. Which of the following refers to the movement and location of physical evidence
from the time it is obtained until the time it is presented in court?
Sequence of evidence
Domain of evidence
Chain of custody
Evidence succession
4 points   
QUESTION 24
1. Which of the following statements is true regarding implementing your business
continuity plan (BCP)?
Implementing your BCP is not ultimately affected by the level of executive
management’s support.
You should only attempt to obtain executive management approval for your BCP
after it has been completed.
You should clarify the costs associated with any lasting disruptions to business with
executive management.
Executive management will most likely not understand the pressing need for every
business to have a BCP to protect itself.
4 points   
QUESTION 25
1. Compliance laws, such as the Health Insurance Portability and Accountability Act
(HIPAA) and the Gramm-Leach-Bliley Act (GLBA) dictate the need to have proper
__________ throughout an organization.
security controls
antivirus software
employee drug testing
employee screening
Which of the following should be updated to ensure the organization
understands the effects of a business outage?

The business continuity plan (BCP)


The business impact analysis (BIA)
The recovery point objective (RPO)
The recovery time objective (RTO)

QUESTION 11
1. Which of the following outlines recovery steps so that operations may continue
when mission-critical functions are at risk or jeopardized?

The business continuity plan (BCP)


The recovery point objective (RPO)
The recovery time objective (RTO)
The disaster recovery plan (DRP)
 Question 1
4 out of 4 points
Based on your work in the lab, to which policy definition does the following policy
statement apply?
Network traffic configuration should monitor and, when necessary, react to restrict
traffic, which when left unrestricted could make the business network unavailable.
Correct  
Answer: Internet ingress/egress availability (denial of service/distributed denial
of service)
 Question 2
4 out of 4 points
One of the considerations of integrity is how to protect data in the event of a breach
or unauthorized access. One way to resolve this issue is to take a security layered
approach and to use encryption. A breach in one layer will be caught by another. In
this case, even if data is improperly accessed, it still cannot be read.
Correct  
Answer: False
 Question 3
4 out of 4 points
In the lab, what column did you use to indicate what would be affected if a function or
process failed?
Correct  
Answer: IT Systems/Apps Infrastructure Impacts
 Question 4
4 out of 4 points
In the lab, you aligned each risk, threat, and vulnerability in the __________ with a
policy that should explain how to respond to it.
Correct  
Answer: IT security policy framework definition
chart
 Question 5
4 out of 4 points
In which section of the computer incident response policy you created in the lab did
you describe what access and authority are granted to the incident response team
members that may be outside of standard protocol?
Correct  
Answer: Scope
 Question 6
4 out of 4 points
Depending on the violation’s severity, repeat or continued violations of organization-
wide policies might be grounds for:
Correct  
Answer: termination of employment.
 Question 7
4 out of 4 points
Which of the following statements is true regarding the information used in
responding to and handling an incident?
Correct  
Answer: Management remains the consumer and chief decider, based on
information provided to it by the experts.
 Question 8
4 out of 4 points
Acceptable use policies help an organization __________ by establishing what can
and cannot take place.
Correct  
Answer: mitigate risks and threats
 Question 9
0 out of 4 points
Developing policies that address the risks, threats, and vulnerabilities faced by the
organization is called a:
Correct  
Answer: risk-based approach.
 Question 10
4 out of 4 points
A ____________ would be a misconfiguration of a system that allows the hacker to
gain unauthorized access, whereas a ______________ is a combination of the
likelihood that such a misconfiguration could happen, a hacker’s exploitation of it,
and the impact if the event occurred.
Correct  
Answer: vulnerability, risk
 Question 11
4 out of 4 points
Which of the following statements is true regarding appropriate organization action
for employees who may be in violation of an organization’s acceptable use policy
(AUP)?
Correct  
Answer: An employee who continues to violate an AUP may require
disciplinary action.
 Question 12
4 out of 4 points
According to the SANS Institute, a __________ is typically a collection of system
specific or procedural specific “suggestions” for best practice.
Correct  
Answer: guideline
 Question 13
4 out of 4 points
Which of the following is another name for a layered security model that results in
both technical and procedural protections?
Correct  
Answer: Defense in Depth
 Question 14
4 out of 4 points
Employees in organizations with flat organizational structures tend to be more:
Correct  
Answer: creative and involved in business decisions.
 Question 15
0 out of 4 points
When it comes to winning executive management support for a business continuity
plan (BCP), too many managers and consultants do not spend enough time:
Correct  
Answer: consulting with management.
 Question 16
4 out of 4 points
Which of the following statements would NOT be considered a risk or threat found in
the Remote Access Domain?
Correct  
Answer: Authorized access to IT systems
 Question 17
4 out of 4 points
In which step of the incident response methodology is the goal to document the
incident’s details, retain collected data, and identify the improvements?
Correct  
Answer: Aftermath
 Question 18
4 out of 4 points
The purpose of a business impact analysis (BIA) is to assess and align affected IT
systems, applications, and resources to their required:
Correct  
Answer: recovery time objectives (RTOs).
 Question 19
4 out of 4 points
Your security awareness training policy will directly influence:
Correct  
Answer: how well your employees value and protect your organization’s
security position.
 Question 20
4 out of 4 points
When it comes to winning executive management support for a business continuity
plan (BCP), too many managers and consultants do not spend enough time:
Correct  
Answer: consulting with management.
 Question 21
4 out of 4 points
In the sample business impact analysis in the lab, the e-commerce portal coupled
with sales order entry and online sales were identified as __________ to the
business.
Correct  
Answer: critical
 Question 22
0 out of 4 points
The sample remote access policy document from the hospital that you reviewed in
the lab showed that the Remote Access Domain is technically the same as the
__________, only with the added burden of transmitting over an insecure network.
Correct  
Answer: User Domain
 Question 23
4 out of 4 points
Which government agency provides a portion of the funding to support the CVE
database?
Correct  
Answer: U.S. Department of Homeland Security
 Question 24
0 out of 4 points
Which of the following statements is true regarding access to resources such as IT
equipment or some other type of asset?
Correct  
Answer: The misuse of resources might be for a person’s own benefit or just
for entertainment.
 Question 25
0 out of 4 points
Which of the following are considered high-level documents that answer the “what”
questions?
Correct  
Answer: Standards
User VIJAYKUMAR GANDHAM
Course Spring 2020 - Operations Security (ISOL-631-52)(ISOL-631-53) -
Combined - Full Term
Test Final-Exam
Started 4/23/20 9:03 AM
Submitted 4/23/20 10:05 AM
Due Date 4/23/20 11:59 PM
Status Completed
Attempt Score 68 out of 100 points
Time Elapsed 1 hour, 2 minutes
Results Displayed Correct Answers
 Question 1
4 out of 4 points
In which section of the business continuity plan policy definition/business impact
analysis you created in the lab did you reference the recovery time objectives
(RTOs) and recovery point objectives (RPOs) as metrics within the policy definition
itself?
Correct  
Answer: Standards
 Question 2
0 out of 4 points
Based on your work in the lab, to which policy definition does the following policy
statement apply?
Every asset must be cataloged to include its perceived fair market value.
Correct  
Answer: Asset protection
 Question 3
0 out of 4 points
Which of the following statements is true regarding a remote access policy
definition?
Correct  
Answer: Organizations that are protecting privacy data must have proper security
controls for accessing customer privacy data remotely.
 Question 4
0 out of 4 points
Security awareness training can include special all-hands meetings called
__________ meetings that are held between team or departmental leaders, with
those leaders then sharing the information they’ve gained from those meetings with
employees.
Correct  
Answer: Town Hall
 Question 5
4 out of 4 points
The __________ of the identified mission-critical business functions defines what IT
systems, applications, and resources are impacted.
Correct  
Answer: prioritization
 Question 6
4 out of 4 points
One of the foundational reasons for using and enforcing security policies is to protect
systems from the “insider threat,” which refers to users with authorized access.
These are privileged users who would have the ability and access to wreak havoc on
the system
Correct  
Answer: True
 Question 7
4 out of 4 points
Which of the following statements is true regarding organizational policy and security
awareness training?
Correct  
Answer: Employee attitudes toward security awareness training can range from
indifferent to eager.
 Question 8
4 out of 4 points
Which of the following statements is true regarding appropriate organization action
for employees who may be in violation of an organization’s acceptable use policy
(AUP)?
Correct  
Answer: An employee who continues to violate an AUP may require
disciplinary action.
 Question 9
4 out of 4 points
Which of the following statements is true regarding the separation of duties?
Correct  
Answer: No one individual should have too much authority or power to perform a
function in a business or organization.
 Question 10
4 out of 4 points
In the lab, the XYZ Health Care Provider wanted to monitor and control the use of
remote access by implementing system logging and VPN connections. Which of the
following statements is true regarding these types of security controls?
Correct  
Answer: Synchronizing all logs, audit trails, and folder/data accessed can provide
proper auditing and verification that remote users are not performing any
data leakage.
 Question 11
4 out of 4 points
In your Lab Report file, you wrote an IT security definition for one of the gaps you
had not previously identified a policy for by:
Correct  
Answer: suggesting how to mitigate the risk
involved.
 Question 12
4 out of 4 points
How many domains are in the typical IT infrastructure?
Correct  
Answer: Seven
 Question 13
4 out of 4 points
According to the SANS Institute, a __________ is typically a collection of system
specific or procedural specific “suggestions” for best practice.
Correct  
Answer: guideline
 Question 14
4 out of 4 points
Which of the following statements is true regarding system access as described in
the Building and Implementing a Successful Information Security Policy whitepaper?
Correct  
Answer: An employee should not share his/her ID and password with anyone,
including IT staff or family members.
 Question 15
0 out of 4 points
In which section of the security management policy you created in the lab did you
explain and define the separation of duties throughout the seven domains of a typical
IT infrastructure?
Correct  
Answer: Procedures
 Question 16
0 out of 4 points
Opening e-mails and unknown e-mail attachments, which can lead to malicious
software and codes, is a risk that is typically found in the:
Correct  
Answer: User Domain.
 Question 17
4 out of 4 points
Which of the following are considered high-level documents that answer the “why”
questions?
Correct  
Answer: Policies
 Question 18
0 out of 4 points
Acceptable use policies should align with __________ to mitigate the risks and
threats caused by employees, contractors, and other third-party users of the
organization’s IT assets are not compromised or in violation of policy definition.
Correct  
Answer: compliance requirements
 Question 19
4 out of 4 points
A policy framework definition helps organizations align policies to domains
throughout their IT infrastructure to help:
Correct  
Answer: mitigate the risks, threats, and vulnerabilities that are commonly
found.
 Question 20
4 out of 4 points
In the lab, you identified an appropriate policy definition that might __________ the
risks, threats, and vulnerabilities of health care IT infrastructure.
Correct  
Answer: mitigate
 Question 21
4 out of 4 points
A policy should be simple, concise, and clearly written because you are writing not
only the policy statement, but also the __________ for mitigating your chosen type of
risk.
Correct  
Answer: procedural “how-to”
 Question 22
0 out of 4 points
Which of the following statements is true regarding a security policy framework?
Correct  
Answer: Your policies should be born from a well-thought-out
framework.
 Question 23
4 out of 4 points
A policy framework helps organize and identify __________ in the overall layered
security strategy.
Correct  
Answer: potential gaps
 Question 24
4 out of 4 points
Integrity ensures that only authorized individuals are able to access information.
Correct  
Answer: False
 Question 25
0 out of 4 points
In the case of a security incident response, the Building and Implementing a
Successful Information Security Policy whitepaper cautions that __________ is often
critical in limiting the damage caused by an attack.
Correct  
Answer: speed of action
User SATCHIDANANDA REDDY MEDIPELLY
Course Spring 2020 - Operations Security (ISOL-631-52)(ISOL-631-53) -
Combined - Full Term
Test Final-Exam
Started 4/23/20 7:45 PM
Submitted 4/23/20 8:30 PM
Due Date 4/23/20 11:59 PM
Status Completed
Attempt Score 68 out of 100 points
Time Elapsed 44 minutes
Results Displayed Correct Answers
 Question 1
4 out of 4 points
Employee behavior in an organization is:
Correct  
Answer: usually far from optimal.
 Question 2
4 out of 4 points
In the case of a security incident response, the Building and Implementing a
Successful Information Security Policy whitepaper cautions that __________ is often
critical in limiting the damage caused by an attack.
Correct  
Answer: speed of action
 Question 3
0 out of 4 points
The purpose of an organization-wide security awareness training policy is to
mandate __________ security awareness training for employees.
Correct  
Answer: annual and
periodic
 Question 4
0 out of 4 points
Based on your work in the lab, to which policy definition does the following policy
statement apply?
All devices and communication lines from the corporate boundary to the Internet
service provider are considered as Wide Area Network and should meet specified
objectives.
Correct  
Answer: Wide Area Network (WAN) service availability
 Question 5
0 out of 4 points
In which section of the security management policy you created in the lab did you
address any disputes or gaps in the definition and separation of duties responsibility?
Correct  
Answer: Guidelines
 Question 6
4 out of 4 points
The lab demonstrated how to assess and audit an IT security policy framework
definition by performing a(n) __________ with remediation.
Correct  
Answer: gap analysis
 Question 7
4 out of 4 points
Based on your work in the lab, to which policy definition does the following policy
statement apply?
Network traffic configuration should monitor and, when necessary, react to restrict
traffic, which when left unrestricted could make the business network unavailable.
Correct  
Answer: Internet ingress/egress availability (denial of service/distributed denial
of service)
 Question 8
0 out of 4 points
In the scenario in the lab, what type of remote access to the patient medical records
system was necessary to ensure electronic protected health information (ePHI) was
adequately secured for remote access from the field?
Correct  
Answer: HTTPS://
 Question 9
4 out of 4 points
Employees in organizations with flat organizational structures tend to be more:
Correct  
Answer: creative and involved in business decisions.
 Question 10
0 out of 4 points
Which of the following statements is true regarding ongoing security policy
management?
Correct  
Answer: When users find that a policy is going to make their jobs harder, they’re
much more likely to try to circumvent that policy.
 Question 11
4 out of 4 points
Acceptable use policies should align with __________ to mitigate the risks and
threats caused by employees, contractors, and other third-party users of the
organization’s IT assets are not compromised or in violation of policy definition.
Correct  
Answer: compliance requirements
 Question 12
0 out of 4 points
The purpose of an organization-wide security awareness training policy is to
mandate __________ security awareness training for employees.
Correct  
Answer: annual and
periodic
 Question 13
4 out of 4 points
In the lab, you only provided a policy relevant to a risk, threat, or vulnerability of the
seven domains of a typical IT infrastructure. However, normally a __________ would
be the necessary next steps.
Correct  
Answer: risk assessment or suggested
control
 Question 14
0 out of 4 points
In what section of the remote access policy document you created in the lab did you
describe the organization-wide implementation of the remote access policy?
Correct  
Answer: The Procedures section
 Question 15
4 out of 4 points
Which step of the incident response methodology includes setting up a reasonable
set of defenses/controls, creating a set of procedures to deal with incidents,
obtaining the resources and personnel necessary to deal with the problem, and
establishing an infrastructure to support incident response?
Correct  
Answer: Preparation
 Question 16
4 out of 4 points
According to the SANS Institute, a __________ is typically a collection of system-
specific or procedural-specific requirements that must be met by everyone.
Correct  
Answer: standard
 Question 17
4 out of 4 points
Which of the following statements would NOT be considered a risk or threat found in
the Remote Access Domain?
Correct  
Answer: Authorized access to IT systems
 Question 18
4 out of 4 points
Policies, which can be a process or a method for implementing a solution, often
become the measuring stick by which an organization is evaluated for compliance.
Correct  
Answer: False
 Question 19
4 out of 4 points
In which step of the incident response methodology is the goal to document the
incident’s details, retain collected data, and identify the improvements?
Correct  
Answer: Aftermath
 Question 20
4 out of 4 points
Which of the following drives the type of business continuity and recovery steps
needed to maintain IT operations in specified time frames?
Correct  
Answer: The recovery time objective (RTO)
 Question 21
0 out of 4 points
Operating system software vulnerabilities and application software vulnerabilities are
risks and threats that are typically found in the:
Correct  
Answer: Workstation Domain.
 Question 22
4 out of 4 points
Which of the following statements is true regarding the business impact analysis
(BIA)?
Correct  
Answer: BIAs are a reoccurring analysis, sometimes done once a year.
 Question 23
4 out of 4 points
What policy definition defines the standards, procedures, and guidelines for how
employees are to be granted and authorized access to internal IT resources through
the public Internet?
Correct  
Answer: Remote Access Policy
 Question 24
4 out of 4 points
Which of the following statements is true regarding policy?
Correct  
Answer: Policy should not need modification unless a major shift in corporate
values or business process occurs.
 Question 25
4 out of 4 points
In flat organizational structures, employees tend to be:
Correct  
Answer: more open and communicative.
How many domains are in the typical IT infrastructure?

Correct Answer:

Correct Seven

Question 2

0 out of 4 points

In the lab, you defined the information systems security responsibility for each of
the seven domains of a typical IT infrastructure. In which domain would you be
most likely to secure access through the Internet and from employees’ homes?

Correct Answer:

Correct Remote Access Domain

Question 3

0 out of 4 points

Which of the following refers to the movement and location of physical evidence
from the time it is obtained until the time it is presented in court?

Correct Answer:

Correct Chain of custody

Question 4

4 out of 4 points

In the lab, you assigned a factor of Critical, Major, Minor, or None to each
function or process in the ____ column.
Correct Answer:

Correct Business Impact Factor

Question 5

4 out of 4 points

Separation of duties throughout an IT infrastructure helps mitigate risk for an
organization by eliminating the possibility that:

Correct Answer:

Correct the same person can perform and hide a specific action or task from an
organization.

Question 6

4 out of 4 points

In the lab, you identified an appropriate policy definition that might ____ the
risks, threats, and vulnerabilities of health care IT infrastructure.

Correct Answer:

Correct mitigate

Question 7

0 out of 4 points

According to the University of Winnipeg Incident Response Procedures, which of
the following is the sole communications link with relevant parties/departments
in order to minimize confusion and possible reporting of misinformation?

Correct Answer:
Correct Chief Technology Officer (CTO)

Question 8

4 out of 4 points

Security awareness training is designed to mitigate the risks and threats
identified in:

Correct Answer:

Correct the User Domain and the Workstation Domain.

Question 9

0 out of 4 points

Which of the following statements is true regarding Internet use and e-mail use?

Correct Answer:

Correct Internet use and e-mail use can be added to the scope of an acceptable
use policy, or they can be stand-alone policies within the User Domain.

Question 10

4 out of 4 points

In the lab, you identified an appropriate policy definition that might ____ the
risks, threats, and vulnerabilities of health care IT infrastructure.

Correct Answer:

Correct mitigate

Question 11
0 out of 4 points

Which of the following can affect an employee’s sense of job security, purpose,
and potential to contribute to the company’s success, all of which can make an
employee feel dissatisfied or apathetic?

Correct Answer:

Correct A company’s size

Question 12

4 out of 4 points

Which of the following statements is true regarding a security policy framework?

Correct Answer:

Correct Your policies should be born from a well-thought-out framework.

Question 13

4 out of 4 points

In which step of the incident response methodology do you find out all
communication channels used by the attacker and block them on all your
network boundaries?

Correct Answer:

Correct Remediation

Question 14

4 out of 4 points
Which of the following can affect an employee’s sense of job security, purpose,
and potential to contribute to the company’s success, all of which can make an
employee feel dissatisfied or apathetic?

Correct Answer:

Correct A company’s size

Question 15

4 out of 4 points

Which of the following determines your business continuity management plan
and how much money you need to resume operations?

Correct Answer:

Correct The recovery time objective (RTO)

Question 16

4 out of 4 points

Based on your work in the lab, to which policy definition does the following
policy statement apply?

Security mandates should govern the company’s resources to stop access by
unauthorized users, but still permit full access for authorized users.

Correct Answer:

Correct Access control

Question 17

4 out of 4 points
Based on your work in the lab, to which policy definition does the following
policy statement apply?

Security mandates should govern the company’s resources to stop access by
unauthorized users, but still permit full access for authorized users.

Correct Answer:

Correct Access control

Question 18

4 out of 4 points

The audience for security awareness training is:

Correct Answer:

Correct both new and existing employees.

Question 19

4 out of 4 points

The Health Insurance Portability and Accountability Act (HIPAA) requires
security controls for electronic protected health information (ePHI) to ensure the
____ of patient data.

Correct Answer:

Correct confidentiality

Question 20

4 out of 4 points
Which of the following outlines recovery steps so that operations may continue
when mission-critical functions are at risk or jeopardized?

Correct Answer:

Correct The business continuity plan (BCP)

Question 21

4 out of 4 points

Which of the following statements is true regarding the handling of physical
evidence during an incident response?

Correct Answer:

Correct Every incident response should be treated with the assumption that
evidence documentation is required.

Question 22

0 out of 4 points

Based on your work in the lab, to which policy definition does the following
policy statement apply?

The company’s most critical business processes and functions must be identified
and assessed to facilitate disaster recovery and business continuity planning.

Correct Answer:

Correct Business continuity: Business impact analysis (BIA)

Question 23

4 out of 4 points
Separation of duties is a security control whereby the same person:

Correct Answer:

Correct cannot define, approve, and implement an action of the organization.

Question 24

0 out of 4 points

Which of the following statements is true regarding implementing your business
continuity plan (BCP)?

Correct Answer:

Correct You should clarify the costs associated with any lasting disruptions to
business with executive management.

Question 25

0 out of 4 points

In the lab, you defined the information systems security responsibility for each of
the seven domains of a typical IT infrastructure. In which domain are you most
likely to find service provider service level agreements (SLAs), managed security
services, monitoring, and reporting?

Correct Answer:

Correct WAN Domain


User SATCHIDANANDA REDDY MEDIPELLY
Course Spring 2020 - Operations Security (ISOL-631-52)(ISOL-631-53) -
Combined - Full Term
Test Final-Exam
Started 4/23/20 8:32 PM
Submitted 4/23/20 9:19 PM
Due Date 4/23/20 11:59 PM
Status Completed
Attempt Score 80 out of 100 points  
Time Elapsed 46 minutes
Results Displayed Correct Answers
 Question 1
4 out of 4 points
A layered security approach means having:
Correct  
Answer:
multiple controls and safeguards to cover the same or similar threats.
 Question 2
4 out of 4 points
The sample remote access policy documents you reviewed in the lab served as a
reminder that a policy:
Correct  
Answer:
can be proper and effective without having to follow a strict structure.
 Question 3
4 out of 4 points
To be sure your security awareness training policy is effective, the policy’s revision,
approval, and distribution should:
Correct  
Answer:
be documented.
 Question 4
4 out of 4 points
If a gap analysis finds deficiencies in an organization’s policies, it is necessary to:
Correct  
Answer:
amend both the security policy framework and the policies.
 Question 5
4 out of 4 points
According to the SANS Institute, a __________ is typically a document that outlines
specific requirements or rules that must be met and are usually point-specific,
covering a single area?
Correct  
Answer:
policy
 Question 6
4 out of 4 points
The sample remote access policy document from the hospital that you reviewed in
the lab showed that the Remote Access Domain is technically the same as the
__________, only with the added burden of transmitting over an insecure network.
Correct  
Answer:
User Domain
 Question 7
0 out of 4 points
In which section of the security policy definition you created in the lab did you explain
how the policy definition fills the identified gap in the overall IT security policy
framework definition and how it mitigates the risks, threats, and vulnerabilities
identified?
Correct  
Answer:
Purpose/Objectives
 Question 8
4 out of 4 points
Which of the following statements is true regarding a remote access policy
definition?
Correct  
Answer:
Organizations that are protecting privacy data must have proper security
controls for accessing customer privacy data remotely.
 Question 9
4 out of 4 points
To avoid the waste or outright abuse of resources, a company will develop an
acceptable use policy (AUP), which:
Correct  
Answer:
documents official guidance for the resources within the IT domains.
 Question 10
0 out of 4 points
In the lab, you defined the information systems security responsibility for each of the
seven domains of a typical IT infrastructure. In which domain are you most likely to
find service provider service level agreements (SLAs), managed security services,
monitoring, and reporting?
Correct  
Answer:
WAN Domain
 Question 11
4 out of 4 points
In the lab, what column did you use to indicate what would be affected if a function or
process failed?
Correct  
Answer:
IT Systems/Apps Infrastructure Impacts
 Question 12
4 out of 4 points
In which section of the security policy definition you created in the lab did you
address roles and responsibilities for implementing the policy?
Correct  
Answer:
Guidelines
 Question 13
0 out of 4 points
Aligning standards, procedures, and guidelines into a remote access policy definition
makes it easier to:
Correct  
Answer:
reduce the risks associated with this type of service.
 Question 14
0 out of 4 points
There are many barriers to policy acceptance and enforcement. Which of the
following is not one of the challenges to policy acceptance?
Correct  
Answer:
disciplinary action for employees who fail to accept policies
 Question 15
4 out of 4 points
Which of the following statements is true regarding how and when an acceptable use
policy (AUP) should be implemented?
Correct  
Answer:
New hires and employees should be informed about the AUP during new
employee orientation on the first day of employment.
 Question 16
4 out of 4 points
Security awareness training policies should be written in such a way that they:
Correct  
Answer:
won’t need frequent updates.
 Question 17
4 out of 4 points
Which of the following statements is true regarding the handling of physical evidence
during an incident response?
Correct  
Answer:
Every incident response should be treated with the assumption that
evidence documentation is required.
 Question 18
4 out of 4 points
Violations of security policies are considered to be a(n) __________ issue upon
which proper disciplinary actions must be taken.
Correct  
Answer:
employer-employee
 Question 19
4 out of 4 points
According to the University of Winnipeg Incident Response Procedures, which of the
following is the sole communications link with relevant parties/departments in order
to minimize confusion and possible reporting of misinformation?
Correct  
Answer:
Chief Technology Officer (CTO)
 Question 20
4 out of 4 points
Conducting a business impact analysis (BIA) entails describing any mission-critical
business functions and processes as well as identifying:
Correct  
Answer:
all threats and vulnerabilities.
 Question 21
4 out of 4 points
In the case of a security incident response, the Building and Implementing a
Successful Information Security Policy whitepaper cautions that __________ is often
critical in limiting the damage caused by an attack.
Correct  
Answer:
speed of action
 Question 22
0 out of 4 points
In which section of the computer incident response policy you created in the lab did
you define the security incident response team members and the authorization and
authority granted to them during a crisis or securing incident situation?
Correct  
Answer:
Purpose/Objectives
 Question 23
4 out of 4 points
What policy definition can help remind employees in the User Domain about what
constitutes suitable use and improper use of corporate IT resources?
Correct  
Answer:
Acceptable Use Policy
 Question 24
4 out of 4 points
In the lab, you only provided a policy relevant to a risk, threat, or vulnerability of the
seven domains of a typical IT infrastructure. However, normally a __________ would
be the necessary next steps.
Correct  
Answer:
risk assessment or suggested control
 Question 25
4 out of 4 points
What policy definition can help remind employees in the User Domain about what
constitutes suitable use and improper use of corporate IT resources?
Correct  
Answer:
Acceptable Use Policy
QUESTION 1
1. In which section of the computer incident response policy you created in the lab did
you describe what access and authority are granted to the incident response team members
that may be outside of standard protocol?
Purpose/Objectives

Scope

Standards

Procedures

10 points   
QUESTION 2
1. In which step of the incident response methodology is the goal to document the
incident’s details, retail collected data, and identify the improvements?
Containment

Remediation

Recovery

Aftermath

10 points   
QUESTION 3
1. In which step of the incident response methodology do you establish contacts, define
procedures, gather information, and get familiar with intrusion detection tools to save time
during an attack?
Preparation

Identification

Containment

Remediation

10 points   
QUESTION 4
1. In your Lab Report file, you described the need for a security or computer incident
response team policy definition that addresses the __________ the CIRT response team
members during an incident response emergency.
most frequent evidence handling mistakes of

delegation of authority to

backgrounds and abilities of

titles and hierarchy of

10 points   
QUESTION 5
1. According to the University of Winnipeg Incident Response Procedures, which of the
following is the sole communications link with relevant parties/departments in order to
minimize confusion and possible reporting of misinformation?
Chief Technology Officer (CTO)

Information Security Officer

Security services

Legal counsel

10 points   
QUESTION 6
1. Which of the following refers to the movement and location of physical evidence from
the time it is obtained until the time it is presented in court?
Sequence of evidence

Domain of evidence

Chain of custody

Evidence succession

10 points   
QUESTION 7
1. In which section of the computer incident response policy you created in the lab did
you define and incorporate the six-step incident response approach along with how the
chain of custody must be maintained throughout any evidence collection process?
Purpose/Objectives

Scope

Standards

Procedures

10 points   
QUESTION 8
1. In which step of the incident response methodology do you mitigate the attack
effects on the neighboring IT resources?
Identification

Containment

Remediation

Recovery

10 points   
QUESTION 9
1. In which step of the incident response methodology is the goal to restore the system
to normal operations?
Containment

Remediation

Recovery

Aftermath

10 points   
QUESTION 10
1. Which step of the incident response methodology includes setting up a reasonable
set of defenses/controls, creating a set of procedures to deal with incidents, obtaining the
resources and personnel necessary to deal with the problem, and establishing an
infrastructure to support incident response?
Preparation

Detection

Containment

Remediation

10 points   
QUESTION 11
1. According to the University of Winnipeg Incident Response Procedures, which of the
following is responsible for confirming incidents and coordinating resources to handle them?
Chief Technology Officer (CTO)

Information Security Officer

Security services

Legal counsel

10 points   
QUESTION 12
1. In which step of the incident response methodology do you detect the incident,
determine its scope, and involve the appropriate parties?
Preparation

Identification

Containment

Remediation

10 points   
QUESTION 13
1. According to the University of Winnipeg classification of incident levels, which of the
following categories refers to incidents that are completely unexpected and result in
extreme disruption/loss to core services and the ability to meet mission objectives?
Low

Medium

High

Critical

10 points   
QUESTION 14
1. Which step of the incident response methodology might include actions such as
disconnecting the compromised area from the network, isolating the source of the attack,
disconnecting the affected computer(s) in order to perform further investigation, or
terminating unwanted connections or processes on affected machines?
Identification

Containment

Remediation

Recovery
10 points   
QUESTION 15
1. According to the University of Winnipeg classification of incident levels, which of the
following categories refers to incidents that result in little to no loss of sensitive information,
little or very limited impact operations, and minimal risk of negative financial impact?
Low

Medium

High

Critical

10 points   
QUESTION 16
1. If you are reacting to a malicious software attack, such as a virus and its spread,
during which step in the incident response process are you attempting to minimize its
spreading?
Detection

Containment

Recovery

Aftermath

10 points   
QUESTION 17
1. Which of the following statements is true regarding the information used in
responding to and handling an incident?
The provider of the incident response information and the consumer of the incident
response information are the same party.

Senior management possesses the subject matter expertise to handle the incident but
does not approve the response policy and budget.

It is up to the incident response team to either give or deny approval and make the
decisions that might impact business.

Management remains the consumer and chief decider, based on information provided
to it by the experts.

10 points   
QUESTION 18
1. In which section of the computer incident response policy you created in the lab did
you define the security incident response team members and the authorization and
authority granted to them during a crisis or securing incident situation?
Purpose/Objectives

Scope

Standards

Procedures

10 points   
QUESTION 19
1. In which step of the incident response methodology do you find out all
communication channels used by the attacker and block them on all your network
boundaries?
Containment

Remediation

Recovery

Aftermath

10 points   
QUESTION 20
1. Which of the following statements is true regarding the handling of physical evidence
during an incident response?
It will be known from the very beginning of any incident whether the case will or will not become a c

Every incident response should be treated with the assumption that evidence documentation is req

It is simply not feasible to preserve and document physical evidence throughout an entire incident r

The integrity of physical evidence is not an important factor in a court of law.


User Bharadwaj Talari
Course Fall 2019 - Operations Security (ISOL-631-30) (ISOL-631-31) - Combined - Full Term
Test Lab 8: Assessment Quiz
Started 11/8/19 2:19 PM
Submitted 11/8/19 2:34 PM
Due Date 11/10/19 11:50 PM
Status Completed
Attempt Score 120 out of 200 points
Time Elapsed 14 minutes out of 1 hour
Instructions

Quiz Instructions
This quiz contains 20 multiple-choice questions. For each question, select the correct answer and click the
answers, click the "Submit all and finish" button.
Results Displayed Feedback
 Question 1
0 out of 10 points
In which section of the computer incident response policy you created in the lab did you
describe what access and authority are granted to the incident response team members
that may be outside of standard protocol?

 Question 2
10 out of 10 points
In which step of the incident response methodology is the goal to document the
incident’s details, retail collected data, and identify the improvements?

 Question 3
10 out of 10 points
In which step of the incident response methodology do you establish contacts, define
procedures, gather information, and get familiar with intrusion detection tools to save
time during an attack?
 Question 4
10 out of 10 points
In your Lab Report file, you described the need for a security or computer incident
response team policy definition that addresses the __________ the CIRT response team
members during an incident response emergency.

 Question 5
0 out of 10 points
According to the University of Winnipeg Incident Response Procedures, which of the
following is the sole communications link with relevant parties/departments in order to
minimize confusion and possible reporting of misinformation?

 Question 6
10 out of 10 points
Which of the following refers to the movement and location of physical evidence from the
time it is obtained until the time it is presented in court?

 Question 7
0 out of 10 points
In which section of the computer incident response policy you created in the lab did you
define and incorporate the six-step incident response approach along with how the chain
of custody must be maintained throughout any evidence collection process?

 Question 8
0 out of 10 points
In which step of the incident response methodology do you mitigate the attack effects on
the neighboring IT resources?

 Question 9
10 out of 10 points
In which step of the incident response methodology is the goal to restore the system to
normal operations?

 Question 10
10 out of 10 points
Which step of the incident response methodology includes setting up a reasonable set of
defenses/controls, creating a set of procedures to deal with incidents, obtaining the
resources and personnel necessary to deal with the problem, and establishing an
infrastructure to support incident response?

 Question 11
0 out of 10 points
According to the University of Winnipeg Incident Response Procedures, which of the
following is responsible for confirming incidents and coordinating resources to handle
them?

 Question 12
10 out of 10 points
In which step of the incident response methodology do you detect the incident,
determine its scope, and involve the appropriate parties?

 Question 13
10 out of 10 points
According to the University of Winnipeg classification of incident levels, which of the
following categories refers to incidents that are completely unexpected and result in
extreme disruption/loss to core services and the ability to meet mission objectives?

 Question 14
10 out of 10 points
Which step of the incident response methodology might include actions such as
disconnecting the compromised area from the network, isolating the source of the attack,
disconnecting the affected computer(s) in order to perform further investigation, or
terminating unwanted connections or processes on affected machines?

 Question 15
0 out of 10 points
According to the University of Winnipeg classification of incident levels, which of the
following categories refers to incidents that result in little to no loss of sensitive
information, little or very limited impact operations, and minimal risk of negative financial
impact?

 Question 16
10 out of 10 points
If you are reacting to a malicious software attack, such as a virus and its spread, during
which step in the incident response process are you attempting to minimize its
spreading?

 Question 17
0 out of 10 points
Which of the following statements is true regarding the information used in responding to
and handling an incident?

 Question 18
0 out of 10 points
In which section of the computer incident response policy you created in the lab did you
define the security incident response team members and the authorization and authority
granted to them during a crisis or securing incident situation?

 Question 19
10 out of 10 points
In which step of the incident response methodology do you find out all communication
channels used by the attacker and block them on all your network boundaries?

 Question 20
10 out of 10 points
Which of the following statements is true regarding the handling of physical evidence
during an incident response?
QUESTION 1
1. Which of the following statements is true regarding policy?

Policy should not be reviewed.

Policy should be reviewed but not changed.

Policy should be reviewed, and possibly changed, often.

Policy should not need modification unless a major shift in corporate values or
business process occurs.

10 points   
QUESTION 2
1. Which of the following are considered high-level documents that answer the “what” questions?

Policies

Standards

Guidelines and procedures

Regulations

10 points   
QUESTION 3
1. In the lab, you identified an appropriate policy definition that might __________ the risks,
threats, and vulnerabilities of health care IT infrastructure.

classify

organize

clarify

mitigate

10 points   
QUESTION 4
1. In your Lab Report file, you aligned each of the risks, threats, and vulnerabilities that had been
identified in a health care IT infrastructure to the:

domain impacted.

policy impacted.

level of impact.

likelihood of occurrence.

10 points   
QUESTION 5
1. According to the SANS Institute, a __________ is typically a collection of system specific or
procedural specific “suggestions” for best practice.

regulation

guideline

standard

policy

10 points   
QUESTION 6
1. An organization should conduct security awareness training that includes an overview of the
organization’s policies:
only during an employee’s orientation.
annually.
every three years.
every five years.
10 points   
QUESTION 7
1. A company’s IT infrastructure can be divided in a logical manner to more easily sort the risks
by using the:

seven IT domains.

IT infrastructure framework.

business continuity guidelines.

policy definition list.

10 points   
QUESTION 8
1. According to the SANS Institute, a __________ is typically a collection of system-specific or
procedural-specific requirements that must be met by everyone.

regulation

guideline

standard

policy

10 points   
QUESTION 9
1. In the lab, which of the following Web sites did you review to determine the components of an
information systems security policy?

www.microsoft.com

www.infosyspolicy.org

www.continuitycompliance.org

www.bestpolicypractice.org

10 points   
QUESTION 10
1. In any company, a(n) __________ helps to mitigate the risks and threats the business
encounters.

IT infrastructure

impact analysis

vulnerability inventory

security policy

10 points   
QUESTION 11
1. What policy definition defines the standards, procedures, and guidelines for how employees
are to be granted and authorized access to internal IT resources through the public Internet?

Acceptable Use Policy

Access Control Policy or Network Access Policy

Business Continuity—Business Impact Analysis (BIA) Policy

Remote Access Policy

10 points   
QUESTION 12
1. According to the SANS Institute, a __________ is typically a document that outlines specific
requirements or rules that must be met and are usually point-specific, covering a single area?

regulation

guideline

standard

policy

10 points   
QUESTION 13
1. What policy definition can help remind employees in the User Domain about what constitutes
suitable use and improper use of corporate IT resources?

Acceptable Use Policy

Access Control Policy or Network Access Policy


Business Continuity—Business Impact Analysis (BIA) Policy

Remote Access Policy

10 points   
QUESTION 14
1. The purpose of domains in a typical IT infrastructure is to:
control the activities and behaviors of employees and limit their accessibility to certain domains.
help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation.
identify the domains most likely to be attacked and the relative cost and impact of potential attacks.
define the policies that will eliminate all possibilities and avenues of attack.
10 points   
QUESTION 15
1. In the lab, you organized your security policies and the definitions you selected so that they
could be used as part of a framework for a:

layered security strategy.

guidelines document.

vulnerability assessment.

security awareness training seminar.

10 points   
QUESTION 16
1. Which of the following documents answer the “how” questions?

Policies

Standards

Guidelines and procedures

Regulations

10 points   
QUESTION 17
1. In your Lab Report file, you used the SANS Institute document referred to as __________ to
describe the basic requirements of policies, their benefits, the control factors, and policies every
organization needs.

“A Short Primer for Developing Security Policies”

“A Short Primer for Business Continuity”

“A Short Primer for Maintaining Compliance”

“A Short Primer for IT Infrastructure Best Practices”

10 points   
QUESTION 18
1. What policy definition is required to restrict and prevent unauthorized access to organization-
owned IT systems and applications?

Acceptable Use Policy

Access Control Policy or Network Access Policy

Business Continuity—Business Impact Analysis (BIA) Policy

Remote Access Policy

10 points   
QUESTION 19
1. Which of the following statements is true regarding guidelines?

Guidelines should not be reviewed.

Guidelines should be reviewed but not changed.

Guidelines should be reviewed, and possibly changed, often.

Guidelines should not need modification unless a major shift in corporate values or
business process occurs.

10 points   
QUESTION 20
1. Which of the following are considered high-level documents that answer the “why” questions?

Policies

Standards

Guidelines and procedures

Regulations
 Question 1
0 out of 10 points
Which of the following statements is true regarding policy?

 Question 2
0 out of 10 points
Which of the following are considered high-level documents that answer the “what” questions?

 Question 3
10 out of 10 points
In the lab, you identified an appropriate policy definition that might __________ the risks, threats,
and vulnerabilities of health care IT infrastructure.

 Question 4
10 out of 10 points
In your Lab Report file, you aligned each of the risks, threats, and vulnerabilities that had been
identified in a health care IT infrastructure to the:

 Question 5
10 out of 10 points
According to the SANS Institute, a __________ is typically a collection of system specific or
procedural specific “suggestions” for best practice.

 Question 6
10 out of 10 points
An organization should conduct security awareness training that includes an overview of the
organization’s policies:

 Question 7
10 out of 10 points
A company’s IT infrastructure can be divided in a logical manner to more easily sort the risks by
using the:

 Question 8
10 out of 10 points
According to the SANS Institute, a __________ is typically a collection of system-specific or
procedural-specific requirements that must be met by everyone.

 Question 9
0 out of 10 points
In the lab, which of the following Web sites did you review to determine the components of an
information systems security policy?
 Question 10
10 out of 10 points
In any company, a(n) __________ helps to mitigate the risks and threats the business encounters.

 Question 11
0 out of 10 points
What policy definition defines the standards, procedures, and guidelines for how employees are to
be granted and authorized access to internal IT resources through the public Internet?

 Question 12
10 out of 10 points
According to the SANS Institute, a __________ is typically a document that outlines specific
requirements or rules that must be met and are usually point-specific, covering a single area?

 Question 13
0 out of 10 points
What policy definition can help remind employees in the User Domain about what constitutes
suitable use and improper use of corporate IT resources?

 Question 14
10 out of 10 points
The purpose of domains in a typical IT infrastructure is to:

 Question 15
10 out of 10 points
In the lab, you organized your security policies and the definitions you selected so that they could
be used as part of a framework for a:

 Question 16
10 out of 10 points
Which of the following documents answer the “how” questions?

 Question 17
10 out of 10 points
In your Lab Report file, you used the SANS Institute document referred to as __________ to describe
the basic requirements of policies, their benefits, the control factors, and policies every
organization needs.

 Question 18
0 out of 10 points
What policy definition is required to restrict and prevent unauthorized access to organization-
owned IT systems and applications?
 Question 19
0 out of 10 points
Which of the following statements is true regarding guidelines?

 Question 20
10 out of 10 points
Which of the following are considered high-level documents that answer the “why” questions?
