COMPREHENSIVE IT SECURITY AND BUSINESS
CONTINUITY EXAM 2024
Multiple Choice
1 point
Question 1 is unpinned. Click to pin.
Question at position 1
An individual stores all passwords in cleartext format in the notes area of a free online email
system and in a piece of paper in their wallet. They also use a weak password to access their
email. The individual loses their wallet at a theme park, and a system at work ends up being
compromised as a result. An RCA is likely to yield which of the following at the top of the list?
An individual stores all passwords in cleartext format in the notes area of a free online email
system and in a piece of paper in their wallet. They also use a weak password to access their
email. The individual loses their wallet at a theme park, and a system at work ends up being
compromised as a result. An RCA is likely to yield which of the following at the top of the list?
The individual uses a weak password to access email.
The individual needs to attend security training.
The individual stored passwords in cleartext format.
The individual lost their wallet at a theme park.
The individual stored passwords on a piece of paper.
Question at position 2
2
Multiple Choice
1 point
Question 2 is unpinned. Click to pin.
Question at position 2
An agency has an RPO of two hours and an RTO of 30 minutes. The agency suffers a disaster
and starts restoring data at noon. By what time can the agency expect to be up and running?
An agency has an RPO of two hours and an RTO of 30 minutes. The agency suffers a disaster
and starts restoring data at noon. By what time can the agency expect to be up and running?
2:00 p.m.
12:30 p.m.
, 2:30 p.m.
None of these
Question at position 3
3
Multiple Choice
1 point
Question 3 is unpinned. Click to pin.
Question at position 3
A software tester is using a system in a computer lab. The computer lab has internet access but is
not connected to the corporate network. The tester clicks on a link in an email that renders the
computer inoperable. The tester then sits idle for 30 minutes waiting for the IT staff to replace
the computer. What preventive measure should have been put in place?
A software tester is using a system in a computer lab. The computer lab has internet access but is
not connected to the corporate network. The tester clicks on a link in an email that renders the
computer inoperable. The tester then sits idle for 30 minutes waiting for the IT staff to replace
the computer. What preventive measure should have been put in place?
A backup computer next to the original.
The computer should have been clustered.
None, computers can be quickly replaced.
More comprehensive technology capacity planning.
Question at position 4
4
Multiple Choice
1 point
Question 4 is unpinned. Click to pin.
Question at position 4
In the process of responding to a security event, Fram identifies the cause of the event and
temporarily disconnects the system that may be causing damage from the network. What action
did Fram take in terms of response?
In the process of responding to a security event, Fram identifies the cause of the event and
temporarily disconnects the system that may be causing damage from the network. What action
did Fram take in terms of response?
Eradication
CONTINUITY EXAM 2024
Multiple Choice
1 point
Question 1 is unpinned. Click to pin.
Question at position 1
An individual stores all passwords in cleartext format in the notes area of a free online email
system and in a piece of paper in their wallet. They also use a weak password to access their
email. The individual loses their wallet at a theme park, and a system at work ends up being
compromised as a result. An RCA is likely to yield which of the following at the top of the list?
An individual stores all passwords in cleartext format in the notes area of a free online email
system and in a piece of paper in their wallet. They also use a weak password to access their
email. The individual loses their wallet at a theme park, and a system at work ends up being
compromised as a result. An RCA is likely to yield which of the following at the top of the list?
The individual uses a weak password to access email.
The individual needs to attend security training.
The individual stored passwords in cleartext format.
The individual lost their wallet at a theme park.
The individual stored passwords on a piece of paper.
Question at position 2
2
Multiple Choice
1 point
Question 2 is unpinned. Click to pin.
Question at position 2
An agency has an RPO of two hours and an RTO of 30 minutes. The agency suffers a disaster
and starts restoring data at noon. By what time can the agency expect to be up and running?
An agency has an RPO of two hours and an RTO of 30 minutes. The agency suffers a disaster
and starts restoring data at noon. By what time can the agency expect to be up and running?
2:00 p.m.
12:30 p.m.
, 2:30 p.m.
None of these
Question at position 3
3
Multiple Choice
1 point
Question 3 is unpinned. Click to pin.
Question at position 3
A software tester is using a system in a computer lab. The computer lab has internet access but is
not connected to the corporate network. The tester clicks on a link in an email that renders the
computer inoperable. The tester then sits idle for 30 minutes waiting for the IT staff to replace
the computer. What preventive measure should have been put in place?
A software tester is using a system in a computer lab. The computer lab has internet access but is
not connected to the corporate network. The tester clicks on a link in an email that renders the
computer inoperable. The tester then sits idle for 30 minutes waiting for the IT staff to replace
the computer. What preventive measure should have been put in place?
A backup computer next to the original.
The computer should have been clustered.
None, computers can be quickly replaced.
More comprehensive technology capacity planning.
Question at position 4
4
Multiple Choice
1 point
Question 4 is unpinned. Click to pin.
Question at position 4
In the process of responding to a security event, Fram identifies the cause of the event and
temporarily disconnects the system that may be causing damage from the network. What action
did Fram take in terms of response?
In the process of responding to a security event, Fram identifies the cause of the event and
temporarily disconnects the system that may be causing damage from the network. What action
did Fram take in terms of response?
Eradication
