Questions With Complete Solutions
"
As your organization's security administrator, you are reviewing
the audit results to assess if your organization's security
baselines are maintained. In which phase of the security
management life cycle are you engaged?
Plan and Organize
Implement
Operate and Maintain
Monitor and Evaluate
" Correct Answer "
Answer:
Monitor and Evaluate
Explanation:
You are engaged in the Monitor and Evaluate phase of the
security management life cycle. This phase includes the
following components:
Review logs, audit results, metrics, and service level agreements.
Assess accomplishments.
Complete quarterly steering committee meetings.
Develop improvement steps for integration into Plan and Organize phase.
Reviewing audits is not part of any of the other phases."
"
Which operation must you undertake to avoid mishandling of
tapes, CDs, DVDs, and printed material?
degaussing
zeroization
labeling
offsite storage
" Correct Answer "
Answer:
labeling
Explanation:
Proper labeling is required to avoid mishandling of the
information on storage media, such as tapes and DVDs.
Compact discs are used to store small data sets while backup
tapes and DVDs are used to store large numbers of data sets.
Storage media containing confidential information must be
appropriately marked and labeled to ensure appropriate
classification. The storage media should also be stored in a
protected area. Each medium should be labeled with the following
details:
classification
date of creation
retention period
volume name and version
name of the person who created the backup
Your organization's security policy should document the proper
data labeling, handling, and disposal procedures for all
classifications of data.
Degaussing is not a media handling technique but a media
sanitization technique. Degaussing is the process of reducing or
eliminating an unwanted magnetic field of a storage medium by
applying strong magnetic forces. Degaussing devices generate
powerful opposing magnetic fields that reduce the magnetic flux
density of the storage media to zero. Degaussing is the most
preferred method for erasing data from magnetic media, such as
floppy disks and magnetic tapes.
Zeroization is also a media sanitization technique. Zeroization
implies that a storage medium is repeatedly overwritten with null
values, such as multiple ones and zeros, for sanitization.
Zeroization is generally used in a software development
environment.
Data transfer to an offsite location should take place to create a
backup copy of the media if there is a disaster at the primary
site. Data transferred to an offsite location acts as a backup copy
of the data. The storage media should be labeled appropriately to
prevent mishandling.
Your organization's security policy should also address user hab
"
Which plan ensures that a vital corporate position is filled in the
event it is vacated during a disaster?
occupant emergency plan (OEP)
continuity of operations plan (COOP)
executive succession plan
reciprocal agreement
" Correct Answer "
Answer:
executive succession plan
Explanation:
An executive succession plan ensures that a vital corporate
position is filled in the event it is vacated during a disaster. This
plan could be carried out in the event of the death, resignation,
or retirement of a corporate executive.
An occupant emergency plan (OEP) is created to ensure that
injury and loss of life are minimized when an outage or disaster
occurs. It also focuses on property damage. Interviewing is not
included as part of its development.
A continuity of operations plan (COOP) is a document that
explains how critical operations will be maintained in the event
a disaster occurs. When a company's payroll server or another
server is intentionally powered off for eight hours, the
company's continuity of operations plan is being tested.
A reciprocal agreement is an agreement in which two companies
agree to provide offsite facilities to each other in the event a
disaster occurs.
"
"
Which type of analysis involves comparing the cost of
implementing a safeguard to the impact of a possible threat?
risk analysis