MIS 374 Exam 3 With Valid Answers
How is protecting the door to a server room similar to authenticating a user's access to data? - CORRECT✅✅ In both cases, a user must provide one or more factors to prove authorization to access the room or data.
True or False: Surveillance systems should be monitored 24/7 for best results. - CORRECT✅✅ False. Surveillance systems can be reviewed regularly or as needed, not necessarily 24/7.
Why is fire such a serious concern in server rooms or data centers? - CORRECT✅✅ Fire can destroy equipment and data, making recovery difficult or impossible.
Why is providing an adequate cooling solution necessary in a server room or data center? - CORRECT✅✅ To prevent overheating, which can damage or destroy servers and the data they store.
What is the difference between physical access and logical access to a database server? - CORRECT✅✅ Physical access means being near the server; logical access means accessing it via a network.
What is the basic job of a firewall? - CORRECT✅✅ To filter incoming and outgoing network traffic.
Why is a network firewall preferred over a host firewall? - CORRECT✅✅ It blocks traffic before it reaches the server, unlike a host firewall which acts after arrival.
What is the basic function of a perimeter network? - CORRECT✅✅ To provide secure connectivity between a cloud/public network and a private/on-prem network.
What is the first step to determine how to properly protect data? - CORRECT✅✅ Identify location and type of data, and classify what is private.
What are two states of data that must be considered for protection? - CORRECT✅✅ Data at rest and data in transit.
Data in which state is vulnerable to an on-path attack? - CORRECT✅✅ Data in transit.
Why are traditional perimeter security measures not sufficient for network endpoints? - CORRECT✅✅ Modern endpoints are often outside traditional perimeters (e.g. mobile, remote devices).
What is often the biggest threat to data security? - CORRECT✅✅ Employees.
What does the data destruction part of a data retention policy specify? - CORRECT✅✅ How to destroy/dispose of data when it is no longer needed.
Why should a data retention policy be reviewed periodically? - CORRECT✅✅ Regulations/laws change and policies must be updated to comply.
What does the retention period dictate? - CORRECT✅✅ How long inactive data must be retained before disposal.
True or False: A data retention policy only applies to digital data. - CORRECT✅✅ False. It applies to all private data, digital or physical.
What are the ramifications of violating a data retention policy? - CORRECT✅✅ Heavy fines and possible termination of individuals.
What is a major variable that affects how data must be protected? - CORRECT✅✅ The classification of the data.
Data that is not generally known and should be kept secret is categorized as what? - CORRECT✅✅ Confidential data.
What is the primary law overseeing PHI in the U.S.? - CORRECT✅✅ HIPAA
What regulation defines how card data must be stored, transmitted, and destroyed? - CORRECT✅✅ PCI DSS
What is data that can be used to identify a unique individual? - CORRECT✅✅ Personally Identifiable Information (PII).
True or False: Regulations only affect companies in their defined regions. - CORRECT✅✅ False. Companies doing business in a region can be affected by its regulations.
Why is identifying applicable privacy laws challenging for organizations? - CORRECT✅✅ The internet allows businesses to reach global customers, impacting multiple jurisdictions.
How do we know that privacy and data protection are being increasingly recognized? - CORRECT✅✅ Over 70% of countries are enacting data privacy and protection laws.
What agreement requires both parties not to disclose information? - CORRECT✅✅ A nondisclosure agreement (NDA).