CIS 462 FINAL EXAM B 100% CORRECT ANSWERS GUARANTEE GRADE ‘A’

In order to enhance the training experience and emphasize the core security goals and mission, it is recommended that the executives . Selected Answer: Correct Answer: schedule multiple training sessions with new employees for face-to-face interaction video record a message from one the leaders in a senior role to share with new employees • Question 2 2 out of 2 points Which of the following scenarios illustrates an ideal time to implement security policies in order to gain the maximum level of organizational commitment? Selected Answer: The policies should be implemented following a new product launch. Correct Answer: The policies should be implemented following a new product launch. • Question 3 2 out of 2 points is a term that denotes the way that a policy either diminishes business disruptions or facilitates the business’s success. Selected Answer: Business risk Correct Answer: Business risk • Question 4 0 out of 2 points Which of the following is the most important reason to solicit feedback from people who have completed security awareness training? Selected Answer: Correct Answer: It is important for the purposes of trainer evaluation, education, and development. It helps discern that attendees can demonstrate knowledge gained through training. • Question 5 2 out of 2 points Many organizations have a(n) , which is comprised of end user devices (including tablets, laptops, and smartphones) on a shared network and that use distributed system software; this enables these devices to function simultaneously, regardless of location. Selected Answer: distributed infrastructure Correct Answer: distributed infrastructure • Question 6 0 out of 2 points In order to build security policy implementation awareness across the organization, there should be who partner with other team and departments to promote IT security through different communication channels. Selected Answer: several IT department specialists Correct Answer: multiple executive supporters • Question 7 2 out of 2 points The department responsible for providing security training to new employees is the . Selected Answer: HR Correct Answer: HR • Question 8 2 out of 2 points Which of the following statements does not offer an explanation of what motivates an insider to pose a security risk? Selected Answer: Correct Answer: An individual might think that threatening to disclose security information will earn the attention and recognition from the organization and thus result in promotion. An individual might think that threatening to disclose security information will earn the attention and recognition from the organization and thus result in promotion. • Question 9 2 out of 2 points One of seven domains of a typical IT infrastructure is the user domain. Within that domain is a range of user types, and each type has specific and distinct access needs. Which of the following types of users has the responsibility of creating and putting into place a security program within an organization? Selected Answer: security personnel Correct Answer: security personnel • Question 10 2 out of 2 points The Barings Bank collapsed in 1995 after it was found that an employee had lost over $1.3 billion of the bank’s assets on the market. The collapse occurred when an arbitrage trader was responsible for both managing trades and guaranteeing that trades were settled and reported according to proper procedures. To which of the following causes is this collapse attributed? Selected Answer: lack of separation of duties Correct Answer: lack of separation of duties • Question 11 2 out of 2 points Which of the following is not one of the types of control partners? Selected Answer: software engineers Correct Answer: software engineers • Question 12 0 out of 2 points Of all the reasons that people commit errors when it comes to IT security, which of the following is the main reason people make mistakes? Selected Answer: insufficient oversight or training Correct Answer: carelessness • Question 13 2 out of 2 points One of the processes designed to eradicate maximum possible security risks is to , which limits access credentials to the minimum required to conduct any activity and ensures that access is authenticated to particular individuals. Selected Answer: harden Correct Answer: harden • Question 14 2 out of 2 points Which of the following user types is responsible for audit coordination and response, physical security and building operations, and disaster recovery and contingency planning? Selected Answer: security personnel Correct Answer: security personnel • Question 15 0 out of 2 points