Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
86) Which of the following laws makes it mandatory for organizations to demonstrate that there
are controls in place to prevent misuse and detect any potential problems?
A) Sarbanes-Oxley Act
B) Trade Expansion Act of 1962
C) Electronic Communications Privacy Act of 1986
D) Central Intelligence Agency Act
E) U.S.A. Patriot Act
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
87) The ________ is a set of best practices that helps organizations to maximize the benefits
from their IS infrastructure and to establish appropriate controls.
A) Sarbanes-Oxley Act of 2002 (S-OX)
B) Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA)
C) Electronic Communications Privacy Act of 1986
D) control objectives for information and related technology (COBIT)
E) USA Patriot Act
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
88) Insuring all the systems and information processing tasks is an essential part of risk
acceptance strategy.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
89) A virtual private network is also called a secure tunnel.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
28
90) A firewall is a part of a computer system designed to detect intrusion and prevent
unauthorized access to or from a private network.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
91) A hot backup site is an empty warehouse with all necessary connections for power and
communication.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
92) Secure Sockets Layer is a popular private key decryption method used on the Internet.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
93) A honeypot is a computer, data, or network site that is used to penetrate other networks and
computer systems to snoop or to cause damage.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
94) An account management policy explains technical controls on all organizational computer
systems, such as access limitations, audit-control software, firewalls, and so on.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
29
95) Recovery point objectives are used to specify how current the backup data should be.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
96) Corrective controls are used to mitigate the impact of any problem after it has arisen, such as
restoring compromised data.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
97) Control objectives for information and related technology (COBIT) is a set of best practices
that helps organizations to maximize the benefits from their IS infrastructure and establish
appropriate controls.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
98) Write a short note on information systems risk assessment. What are the three ways in which
organizations react to perceived risks?
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
30
99) List the commonly used methods in which technology is employed to safeguard information
systems.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
100) Briefly describe the concept of virtual private networks.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
31
101) List the policies and procedures that guide users' decisions and establish responsibilities
within an organization.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
102) Explain the concept of disaster planning in organizations.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
32
103) Explain various types of information systems controls.
Difficulty: Easy
Learning Obj.: 10.3: Discuss the process of managing IS security and describe various IS
controls that can help in ensuring IS security.
Classification: Concept
33
