1: Analysis Response|Latest Update with complete solution
Which of the following is the first step in the problem-solving process?
A
Analyze and compare the possible solutions
B
Develop possible solutions
C
Recognize and define the problem
D
Select, implement and evaluate a solution - ✔✔ANSWER✔✔>>C
A(n) polymorphic threat is one that over time changes the way it appears to antivirus
software programs, making it undetectable by techniques that look for pre-configured
signatures.
A
False
B
True - ✔✔ANSWER✔✔>>B
Which of the following set the direction and scope of the security process and provide
detailed instruction for its conduct?
A
system controls
B
managerial controls
C
operational controls
D
technical controls - ✔✔ANSWER✔✔>>B
The individual accountable for ensuring the day-to-day operation of the InfoSec
program, accomplishing the objectives identified by the CISO and resolving issues
identified by technicians is known as a(n) ____________.
A
security manager
B
chief technology officer
C
chief information security officer
D
security technician - ✔✔ANSWER✔✔>>A
When using the Governing for Enterprise Security (GES) program, an Enterprise
Security Program (ESP) should be structured so that governance activities are driven by
the organization's executive management, select key stakeholders, as well as the
____________.
A
Board Audit Committee
B
Board Finance Committee
C
Board Risk Committee
D
Chairman of the Board - ✔✔ANSWER✔✔>>C
Which of the following should be included in an InfoSec governance program?
A
An InfoSec development methodology
B
An InfoSec risk management methodology
C
An InfoSec project management assessment from an outside consultant
D
All of these are components of the InfoSec governance program - ✔✔ANSWER✔✔>>B
Values statements should therefore be ambitious; after all, they are meant to express
the aspirations of the organization.
A
True
B
False - ✔✔ANSWER✔✔>>B
Which type of planning is the primary tool in determining the long-term direction taken
by an organization?
A
managerial
B
operational
C
tactical
D
strategic - ✔✔ANSWER✔✔>>D
The process of identifying and documenting specific and provable flaws in the
organization's information asset environment is known as ____________.
A
safeguard neutralization
B
vulnerability assessment
C
penetration testing
D
exploit identification - ✔✔ANSWER✔✔>>B
A clearly directed strategy flows from top to bottom rather than from bottom to top.
A
False
B
True - ✔✔ANSWER✔✔>>B
In which phase of the SecSDLC does the risk management task occur?
A
implementation
B
investigation
C
analysis
D
physical design - ✔✔ANSWER✔✔>>C
Which of these is a systems development approach that incorporates teams of
representatives from multiple constituencies, including users, management, and IT,
each with a vested interest in the project's success?
A
software engineering
B
joint application design
C
sequence-driven policies
D
event-driven procedures - ✔✔ANSWER✔✔>>B
Which type of attack involves sending a large number of connection or
information requests to a target?
A
denial-of-service (DoS)
B
brute force
C
spear fishing
D
malicious code - ✔✔ANSWER✔✔>>A
"Shoulder spying" is used in public or semi-public settings when individuals gather
information they are not authorized to have by looking over another individual's shoulder
or viewing the information from a distance.
A
False
B
True - ✔✔ANSWER✔✔>>A
Which of the following is the principle of management dedicated to the structuring of
resources to support the accomplishment of objectives?
A
controlling
B
leading
C
organization
D
planning - ✔✔ANSWER✔✔>>C
The macro virus infects the key operating system files located in a computer's start up
sector.
A
True
B
False - ✔✔ANSWER✔✔>>B