IS 4470 Final questions with correct answers
why are physical devices inventoried? Correct Answer-security controls
protect hardware that is storing data, failure can result in compromise of
system
how are devices inventoried? Correct Answer-creating a list with unique
id's, expense tracking, identifying the location
why are software platforms inventoried? Correct Answer-to protect data
and to understand where the data is accessed from, failure can result in
compromise
how are software platforms inventoried Correct Answer-create a list of
all software with unique id's, track all applications and their used os,
track licenses for all users, id data and business owners
why are data flows mapped? Correct Answer-helps protect data with
security controls by understanding where the data is moving, prevent
leakage of data to lower security systems, data is most a risk when it
leaves primary system
how are data flows mapped? Correct Answer-creating and maintaining a
data flow diagram, commonly done by business analysts
why are resources prioritized based on their classification? Correct
Answer-there is limited amount of time energy and resources so that
should be focused on the critical systems
, how are resources categorized? Correct Answer-application criticality
analysis or business impact analysis is used to classify based on the data
they contain, document the impact to CIA detemine RTO and RPO
RTO Correct Answer-Recovery Time Objective. An RTO identifies the
maximum amount of time it can take to restore a system after an outage.
It is related to the RPO and the BIA often includes both RTOs and
RPOs.
RPO Correct Answer-Recovery Point Objective. A Recovery Point
Objective identifies a point in time where data loss is acceptable. It is
related to the RTO and the BIA often includes both RTOs and RPOs.
cyber security roles and responsibilities Correct Answer-teams must
protect the data, not one person can protect it all. it is easy for things to
fall through the crack, define job descriptions and hire accordingly
security of business contracts Correct Answer-ensure that they address
the security of data and they have LSA's
Critical Infrastructure Correct Answer-critical infrastructure impacts the
publics health and well being and must be treated with the highest level
of concern
why are physical devices inventoried? Correct Answer-security controls
protect hardware that is storing data, failure can result in compromise of
system
how are devices inventoried? Correct Answer-creating a list with unique
id's, expense tracking, identifying the location
why are software platforms inventoried? Correct Answer-to protect data
and to understand where the data is accessed from, failure can result in
compromise
how are software platforms inventoried Correct Answer-create a list of
all software with unique id's, track all applications and their used os,
track licenses for all users, id data and business owners
why are data flows mapped? Correct Answer-helps protect data with
security controls by understanding where the data is moving, prevent
leakage of data to lower security systems, data is most a risk when it
leaves primary system
how are data flows mapped? Correct Answer-creating and maintaining a
data flow diagram, commonly done by business analysts
why are resources prioritized based on their classification? Correct
Answer-there is limited amount of time energy and resources so that
should be focused on the critical systems
, how are resources categorized? Correct Answer-application criticality
analysis or business impact analysis is used to classify based on the data
they contain, document the impact to CIA detemine RTO and RPO
RTO Correct Answer-Recovery Time Objective. An RTO identifies the
maximum amount of time it can take to restore a system after an outage.
It is related to the RPO and the BIA often includes both RTOs and
RPOs.
RPO Correct Answer-Recovery Point Objective. A Recovery Point
Objective identifies a point in time where data loss is acceptable. It is
related to the RTO and the BIA often includes both RTOs and RPOs.
cyber security roles and responsibilities Correct Answer-teams must
protect the data, not one person can protect it all. it is easy for things to
fall through the crack, define job descriptions and hire accordingly
security of business contracts Correct Answer-ensure that they address
the security of data and they have LSA's
Critical Infrastructure Correct Answer-critical infrastructure impacts the
publics health and well being and must be treated with the highest level
of concern
