True
False
What would you recommend as a mitigation plan for employees who bring their own CDs and flash drives to work
and plug them into company workstations?
Conduct a cost-benefit analysis, add more storage for users to save their personal photos and music files.
Develop an acceptable use policy, disable USB ports on company workstations, and train employees on
company awareness
Only allow employees to insert CDs and flash drives on company workstations after business hours.
We will be conducting thorough penetration testing. Can we have the CEO's password to his office laptop?
Will you be terminating employees who won't sign the security awareness training documents?
Which domain usually contains privacy data in systems, servers, and databases?
LAN-to-WAN domain
User domain
Systems/Application domain
Workstation domain
LAN domain
To ensure that the changes function as designed without introducing new risks, threats, or vulnerabilities
To ensure that the changes make the system run faster, use less memory, and complete backups before the
users come back on the system the next day.
To ensure that the revision versions of the patches (version 1.0, version 2.0, etc.) are readable.
A long-term risk-mitigation plan should include risk-mitigation policies, standards, procedures, and guidelines.
True
False
Companies that are out of compliance with laws should delay remediation of non-compliance as a low priority. Other
more pressing matters, such as employees inserting their own flash drives into company workstations or an operating
system with a known software vulnerability, should be addressed first. Then the company can worry about
non-compliant actions.
True
False