Security actual EXAM STUDY GUIDE
COMPLETE QUESTIONS AND CORRECT
ANSWERS WITH RATIONALES || 100%
GUARANTEED PASS LATEST UPDATED
VERSION GRADED A+
The District of Columbia and 45 states have enacted breach notification laws,
which require an organization to notify state residents if it experiences a security
breach that involves the personal information of the residents. Which group of four
states does not have a breach notification law?
A Alabama, Kentucky, New Mexico, and South Dakota
B Alabama, Kentucky, New Mexico, and Wisconsin
C Alabama, Arizona, New Mexico, and South Dakota
D Alabama, Kentucky, West Virginia, and South Dakota - Answer A
___________________ are money awards that compensate the non-breaching
party for the foreseeable damages that arise from circumstances outside of the
contract and can't be mitigated.
A Nominal damages
B Compensatory damages
C Consequential damages
D Liquidated damages - Answer C
,The U.S. Cabinet consists of:
A the vice president and the nine Supreme Court justices
B the Speaker of the House, the vice president, and the president
C the vice president and the heads of the 15 executive departments
D the nine Supreme Court justices and the heads of the 15 executive departments -
Answer C
The main goal of ______________ is to protect shareholders and investors from
financial fraud.
A Public Company Accounting Oversight Board
B Sarbanes-Oxley Act (SOX)
C Gramm-Leach-Bliley Act
D Securities and Exchange Commission - Answer B
Which doctrine prevents the government from using illegally gathered evidence at
a criminal trial?
A Locard's Exchange
B Fruit of the Poisonous Tree
C Doctrine of Precedent
D Daubert - Answer B
,In January 2007, TJX disclosed that hackers had breached its credit card systems.
The company reported that the attackers might have accessed credit card data
going back to 2002. It reported that 45.7 million credit and debit card numbers
might have been disclosed. At the time, the breach was believed to be the largest
ever. Banks and customers sued TJX in connection with the breach. State
governments also sued the company for failing to protect the credit card
information of state residents. Given the nature of this breach, which federal
agency opened an investigation?
A the Federal Deposit Insurance Corporation
B the Consumer Financial Protection Bureau
C the Federal Trade Commission
D the Federal Reserve System - Answer C
______________________ includes identification of the threats and vulnerabilities
to the organization's IT resources and determining the impact of those threats and
vulnerabilities.
A Risk assessment
B Risk response
C Operational planning
D Security planning - Answer A
Under SEC rules, internal controls over financial reporting (ICFR) are processes
that provide reasonable assurance that financial reports are reliable. Which of the
following is not assured by ICFR?
A
, Unauthorized acquisition or use of data or assets that could affect financial
statements will be prevented or detected in a timely manner.
B
IT controls that contain financial data are maintained.
C
Financial reports, records, and data are accurately maintained.
D
Transactions are prepared according to GAAP rules and are properly recorded. -
Answer B
The HIPAA ______________________ states how covered entities must protect
the confidentiality, integrity, and availability of electronic personal health
information.
A Security Rule
B Red Flag Rule
C Administrative Simplification Rule
D Privacy Rule - Answer A
_____________________ refers to the purchase of application services over the
Internet.
A Cloud computing
B Software as a Service (SaaS)
C Social media
D Specific performance - Answer B