C961 REVIEW EXAM QUESTIONS
WITH COMPLETE SOLUTIONS
GRADED A+
Which best practice standard should be enforced to ensure IT personnel are properly
trained? - Answer-Reasonable professional standard
The leader of an IT department is approached by one of her managers to ask for a
salary increase. The manager does a fantastic job of presenting a solid rationale for the
increase. At the end his presentation, he says he knows the salaries of all his
colleagues because he accessed the payroll file on the company network.
Which part of the security triad was violated? - Answer-Confidentiality
The leader of an IT department is approached by one of her managers to ask for a
salary increase. The manager does a fantastic job of presenting a solid rationale for the
increase. At the end his presentation, he says he knows the salaries of all his
colleagues because he accessed the payroll file on the company network.
Which method may have mitigated the threat posed by the manager? - Answer-Proper
access control
The leader of an IT department is approached by one of her managers to ask for a
salary increase. The manager does a fantastic job of presenting a solid rationale for the
increase. At the end his presentation, he says he knows the salaries of all his
colleagues because he accessed the payroll file on the company network.
Which law may this leader's organization use against this manager? - Answer-Computer
Fraud and Abuse Act
An avid software developer opens a software business and registers the company using
SIC 7371 and NAICS 541511 codes.
This business is contracted to create a resource management system to automate
processes. The company modified an open source code and marketed it as proprietary
software, charging other companies thousands of dollars to use it.
What may this open source community obtain to avoid this practice? - Answer-Open
source license
, An avid software developer opens a software business and registers the company using
SIC 7371 and NAICS 541511 codes.
A software developer's code defines the business. An employee created a product to
corrupt data every couple of weeks. During the testing phase, the code worked as
planned, and the company and the end user accepted it. After one week, the end user's
data were corrupted.
How may this threat be described? - Answer-Malware
An avid software developer opens a software business and registers the company using
SIC 7371 and NAICS 541511 codes.
The product the firm produces dictates its viability, but the software has a reputation of
being defective. To ensure the success of the firm, several developers were terminated
for producing malicious software.
What may these terminated employees be classified as? - Answer-Black hat hackers
An avid software developer opens a software business and registers the company using
SIC 7371 and NAICS 541511 codes.
Which type of ethics is absent when workers purposely defame their employer by
demonstrating unethical behaviors without considering the impact on information
systems? - Answer-Virtue ethics
As part of a college's requirement for degree completion, a student is required to work in
a team of three to create a business plan for a company of her choice. She has two
good friends who started the program with her, and all have agreed to work together.
After several brainstorming meetings, everyone agrees that the company would be a
startup. The main focus of this business would be providing services for nonprofessional
caregivers. The company defines nonprofessional caretakers as family members taking
care of relatives in a private home environment.
Which organization would offer more comprehensive training programs to support
caregivers? - Answer-Centers for Medicare & Medicaid Services (CMS)
As part of a college's requirement for degree completion, a student is required to work in
a team of three to create a business plan for a company of her choice. She has two
good friends who started the program with her, and all have agreed to work together.
After several brainstorming meetings, everyone agrees that the company would be a
startup. The main focus of this business would be providing services for nonprofessional
caregivers. The company defines nonprofessional caretakers as family members taking
care of relatives in a private home environment.
WITH COMPLETE SOLUTIONS
GRADED A+
Which best practice standard should be enforced to ensure IT personnel are properly
trained? - Answer-Reasonable professional standard
The leader of an IT department is approached by one of her managers to ask for a
salary increase. The manager does a fantastic job of presenting a solid rationale for the
increase. At the end his presentation, he says he knows the salaries of all his
colleagues because he accessed the payroll file on the company network.
Which part of the security triad was violated? - Answer-Confidentiality
The leader of an IT department is approached by one of her managers to ask for a
salary increase. The manager does a fantastic job of presenting a solid rationale for the
increase. At the end his presentation, he says he knows the salaries of all his
colleagues because he accessed the payroll file on the company network.
Which method may have mitigated the threat posed by the manager? - Answer-Proper
access control
The leader of an IT department is approached by one of her managers to ask for a
salary increase. The manager does a fantastic job of presenting a solid rationale for the
increase. At the end his presentation, he says he knows the salaries of all his
colleagues because he accessed the payroll file on the company network.
Which law may this leader's organization use against this manager? - Answer-Computer
Fraud and Abuse Act
An avid software developer opens a software business and registers the company using
SIC 7371 and NAICS 541511 codes.
This business is contracted to create a resource management system to automate
processes. The company modified an open source code and marketed it as proprietary
software, charging other companies thousands of dollars to use it.
What may this open source community obtain to avoid this practice? - Answer-Open
source license
, An avid software developer opens a software business and registers the company using
SIC 7371 and NAICS 541511 codes.
A software developer's code defines the business. An employee created a product to
corrupt data every couple of weeks. During the testing phase, the code worked as
planned, and the company and the end user accepted it. After one week, the end user's
data were corrupted.
How may this threat be described? - Answer-Malware
An avid software developer opens a software business and registers the company using
SIC 7371 and NAICS 541511 codes.
The product the firm produces dictates its viability, but the software has a reputation of
being defective. To ensure the success of the firm, several developers were terminated
for producing malicious software.
What may these terminated employees be classified as? - Answer-Black hat hackers
An avid software developer opens a software business and registers the company using
SIC 7371 and NAICS 541511 codes.
Which type of ethics is absent when workers purposely defame their employer by
demonstrating unethical behaviors without considering the impact on information
systems? - Answer-Virtue ethics
As part of a college's requirement for degree completion, a student is required to work in
a team of three to create a business plan for a company of her choice. She has two
good friends who started the program with her, and all have agreed to work together.
After several brainstorming meetings, everyone agrees that the company would be a
startup. The main focus of this business would be providing services for nonprofessional
caregivers. The company defines nonprofessional caretakers as family members taking
care of relatives in a private home environment.
Which organization would offer more comprehensive training programs to support
caregivers? - Answer-Centers for Medicare & Medicaid Services (CMS)
As part of a college's requirement for degree completion, a student is required to work in
a team of three to create a business plan for a company of her choice. She has two
good friends who started the program with her, and all have agreed to work together.
After several brainstorming meetings, everyone agrees that the company would be a
startup. The main focus of this business would be providing services for nonprofessional
caregivers. The company defines nonprofessional caretakers as family members taking
care of relatives in a private home environment.
