WGU C725 TEST BANK 2024/2025 MASTER'S COURSE INFORMATION SECURITY AND ASSURANCE 2024/2025 TEST BANK 300 REAL EXAM QUESTIONS AND CORRECT ANSWERS WITH RATIONALES| ALREADY GRADED A+

WGU C725 TEST BANK 2024/2025 MASTER'S COURSE INFORMATION SECURITY AND ASSURANCE 2024/2025 TEST BANK 300 REAL EXAM QUESTIONS AND CORRECT ANSWERS WITH RATIONALES| ALREADY GRADED A+ Which type of control does the system administrator use to grant these permissions? A. Physical B. Protocol C. Access D. Firewall - Answer-C The chief information security officer (CISO) for an organization knows that the organization's datacenter lacks the physical controls needed to adequately control access to sensitive corporate systems. The CEO, CIO, and CFO feel that the current physical access is within a tolerable risk level, and they agree not to pay for upgrades to the facility. Which risk management strategy has the senior leadership decided to employ? A. Deterrence B. Assignment C. Acceptance D. Avoidance - Answer-C Which phase of the software development life cycle follows system design? A. System requirements B. Development C. Testing D. Deployment - Answer-B Which question relates to the functional aspect of computer security? A. Does the system do the right things in the right way? B. Does the security staff do the right job in the right way? C. Does the system do the right things in the wrong way? D. Does the security staff do the right job in the wrong way? - Answer-A Which leg of the CIA triad is addressed when a business contracts with a cloud vendor to backup its information? A. Information B. Availability C. Integrity D. Confidentiality - Answer-B Which action is an example of a loss of information integrity based on the CIA triad? A. A system administrator uses another administrator's password without request. B. A security engineer accidentally scrambles information in a database. C. A help desk employee verifies customers' identities before changing passwords. D. A help desk employee refuses to share an employee's information with a partner. - Answer-B What is included in quantitative risk analysis? A. Risk ranking B. Risk mitigation C. Risk transfer D. Risk insurance - Answer-A What is a fundamentally objective concept in determining risk? A. Risk acceptance B. Risk recovery C. Resource availability D. Resource costs - Answer-D Which domain of the (ISC)² Common Body of Knowledge addresses procedures and tools that eliminate or reduce the capability to exploit critical information? A. Physical (Enviromental) Security B. Access Control C. Operations Security D. Cryptography - Answer-C Which domain of the (ISC)² Common Body of Knowledge addresses identification, authentication, authorization, and logging and monitoring techniques and technologies? A. Access Control B. Operations Security C. Cryptography D. Software Development Security - Answer-A Which type of policy establishes a security plan, assigns management responsibilities, and states an organization's computer security objectives? A. Framework-level B. Program-level C. System-specific D. Issue-specific - Answer-B A company consults a best practices manual from its vendor while deploying a new IT system.Which type of document does this exemplify? A. Procedures B. Guidelines C. Policies D. Standards - Answer-B Which type of technology are DropBox, Skype, and Office 365 examples of? A. Local Area Network B. Wireless C. Wide Area Network D. Cloud Computing - Answer-D An organization has all of its offices in several different buildings that are situated on a large city block. Which type of network is specifically suited to connect these offices to the organization's network? A. Wireless B. Campus C. Metropolitan D. Wide - Answer-B A new bookkeeper receives an email claiming to come from an online banking site. The bookkeeper clicks on an embedded link and enters some of the company's banking information into the cybercriminal's website. Which security method can deter this type of attack in the future? A. Employee security training B. Principle of least privilege C. Change management D. Separation of duties -