WGU Course C836 - Fundamentals of Information Security Revised Exam Graded A+

Some standards are not mandated by law but are managed and enforced by the industry, often via a council or committee. Which of the options below is an example of this industry compliance? A FISMA B PCI DSS C SOX D HIPAA E GLBA - B ______ sets limits on the use and disclosure of patient information and grants individuals rights over their own health records. A HIPAA B SOX C GLBA D FERPA E PCI DSS - A ______ ensures the protection of information, operations, and assets in federal government. A SOX B PCI DSS C FERPA D HIPAA E FISMA - E ______ protects the privacy of students and their parents. A PCI DSS B FISMA C HIPAA D GLBA E FERPA - E ______ regulates the financial practice and governance of corporations. A FERPA B HIPAA C GLBA D FISMA E SOX - E ______ protects the customers of financial institutions. A PCI DSS B SOX C FISMA D FERPA E GLBA - E During what phase of the operations security process do we match threats and vulnerabilities? A Analysis of threats B Analysis of vulnerabilities C Assessment of risks D Application of countermeasures E Identification of critical information - C Haas' second law of operations security, "If you don't know what to protect, how do you know you are protecting it?," maps to what step in the operations security process? A Application of countermeasures B Assessment of risks C Analysis of vulnerabilities D Analysis of threats E Identification of critical information - E You are leaving for an extended vacation and want to take steps to protect your home. You set a timer to turn lights and the TV on and off at various times throughout the day, suspend the mail delivery, and arrange for a neighbor to come in and water the plants. What step in the operations security process do these actions demonstrate? A Identification of critical information B Analysis of threats C Analysis of vulnerabilities D Assessment of risks E Application of countermeasures - E The process of intelligence gathering and analysis to support business decisions is known as _______. A Competitive business B Business intelligence C Business competition D Counter intelligence E Competitive intelligence - E The study that was conducted to discover the cause of the information leak during the Vietnam War was codenamed ________ and is now considered a symbol of OPSEC. A Vietnam Viper B The Art of War C Purple Dragon D Sun Tzu - C Which of the following is not a best practice for password security? A Educating users on password management B Creating a password policy C Enforcing complex password requirements D Forcing password expiration intervals E Teaching users how to manually sync passwords between systems - E