CYBERSECURITY MANAGEMENT I - STRATEGIC - C727 UCERTIFY PRACTICE TEST (A)|UPDATED&VERIFIED|100% SOLVED|GUARANTEED SUCCESS
You are your organization's security administrator. You need to ensure that your organization's data is accurate and secure. Which security objective should you implement?
Confidentiality and integrity

What are the core security objectives for the protection of information assets?
Confidentiality, integrity, and availability

Question 3: What does sending data across an insecure network, such as the Internet, primarily affect?
Confidentiality and integrity

For which security objective(s) should system owners and data owners be accountable?
availability, integrity, and confidentiality

Question 5: What is the designation of an employee who is responsible for maintaining and protecting information?
Data custodian BECAUSE they do the following:
- Maintaining activity records
- Verifying data accuracy and reliability
- Backing up and restoring data regularly

Which role is a strategic role that helps to develop policies, standards, and guidelines and ensures the security elements are implemented properly?
Security analyst

______________ approves data classes and alters the classes as needs arise. This role must ensure that appropriate security controls and user access rights are in place.
The data owner

__________ creates new user accounts and passwords, implements security software, and tests patches and software components. This role is more functional in nature as compared to the security analyst role.
The security administrator

You have been asked to design a security program. Which approach should you use?
Top-down approach

___________ occurs when the IT department has to implement a security program without top management's initiation or support. This approach is less effective than the top-down approach.
A bottom-up approach

Question 8: Which security framework acts as a model for IT governance and focuses more on operational goals?
COBIT

___________________ is a security framework that acts as a model for corporate governance and focuses more on strategic goals. The COSO framework is made up of the following components:
- Control Environment
- Risk Assessment
- Control Activities
- Information and Communication
- Monitoring
The Committee of Sponsoring Organizations of the Treadway Commission (COSO)

_____________________ is a standard that provides recommendations on enterprise security. The domains covered in ISO 17799 are as follows:
- Information security policy for the organization
- Creation of information security infrastructure
- Asset classification and control
- Personnel security
- Physical and environmental security
- Communications and operations management
- Access control
- System development and maintenance
- Business continuity management
- Compliance
International Standards Organization (ISO) 17799

Question 9: Which term indicates that a company has taken reasonable measures to protect its confidential information and employees?
Due care
Due care implies that a company assumes responsibility for the actions taking place within the organization by taking reasonable measures to prevent security breaches and to protect information assets and employees. Due care also ensures minimum damage and loss of information and individuals in the event of an intrusion because the countermeasures are already in place.

____________ is performed by the company before the standards for due care are set. Due diligence implies that the company investigates and determines the possible vulnerabilities and risks associated with the information assets and employee network of the company.
Due diligence

Question 10: What should be the role of the management in developing an information security program?
It is mandatory.

During a recent security audit, auditors note that the network administrator also acts as the company's security administrator. They suggest that the security administrator duties be given to another individual. Which task should NOT be transferred to the new security administrator?
Software upgrade deployment

Question 12: Which role is delegated to personnel of the IT department and is responsible for maintaining the integrity and security of the data?
Data custodian BECAUSE they are responsible for the following:
- Maintaining records of activity
- Verifying the accuracy and reliability of the data
- Backing up and restoring data on a regular basis
School, study and subject
- Institution
- CYBERSECURITY MANAGEMENT
- Course
- CYBERSECURITY MANAGEMENT
Document information
- Uploaded on
- July 26, 2023
- Number of pages
- 28
- Written in
- 2022/2023
- Type
- Exam
- Contains
- Questions and answers
Topics
- cybersecurity management i strategic c727 ucer