Education is considered to be what level of the training program?
Insight
True or False? Typically, IT users have a great deal of IT experience.
False
True or False? Certification boot camps have no use to an organization.
False
Which Constitutional Amendments are necessary in properly handling computer forensic investigations?
Fifth Amendment
Which of the following is not an example of a Web-based delivery system?
Case Studies
True or False? Users pay closer attention to matters when they involve or affect them personally.
True
IT managers must have a ___ understanding of threats.
Technical
True or False? A champion must have an inherent buy-in on the change(s) being proposed.
True
What is one way to control access to secure areas?
Access Control Lists
True or False? Storage of data identifies how the data is being disseminated.
False
Which of the following directs the overall business strategy?
Policy
In NIST SP 800-30, the federal government is said to perform a new assessment every ___ years.
Three
True or False? HIPAA compliance applies to anyone handling PHI data.
True
True or False? IT Standards are developed to protect the organization from threats within and outside the organization.
False
Which of the following does not belong to the triad of information security?
Connected Communication
True or False? HIPAA rules affect more than just patient privacy.
True
What mandate affects insurance portability?
HIPAA
In what phase of risk management integration into SDLC processes should the system security features be configured, enabled, tested and verified?
Implementation
What mandate requires all government agencies to conduct annual information security assessments?
FISMA Mandate
Match the following:
Sarbanes-Oxley (SOX) Act
Oversees the audit of public companies subject to securities laws
Match the following:
Gramm-Leach-Bliley Act (GLBA)
Financial institutions must provide to clients a privacy notice explaining how data is shared
Match the following:
HIPAA
Protects sensitive health information from being disclosed without the patient's consent or knowledge
Match the following:
Data Protection Act
National law which complements the European Union's General Data Protection Regulation
Match the following:
Federal Information Security Management Act