Asked by wealthwale Multiple Selection 1. Select the controls from the list below that can implement a tailored access policy. A. Access control lists B. Control of user group-based access rights C. Control of world-based access rights D. Control of system-based access rights Multiple
Choice 2. What is the principle behind Microsoft's operating systems using a UAC (user account control)? A. Provide total admin privileges B. Change user password C. Provide temporary admin privileges D. Acceptable Use Policy Multiple Choice 3. Unix implements three file-access rights (read, write, and execute/search) for which identities? A. Owner B. Group C. World D. All of these are correct. 4. Unix users have several
commands. Which of the following commands is short for the command "Change group"? A. Chmod B. Chgrp C. Chown D. None of these is correct. Multiple Selection 5. Which of the following are the primary file-access rights in Unix? Select all that apply. A. Read B. Control
C. Write
D. Execute
6. True or False? If the "root" user accesses a file, the system grants full access.
Fill-in-the-Blank
7. _________ is described as the implicit spreading of trust.
Multiple Choice
8. A primary use of event logs is to:
A. determine when software should be upgraded.
B. serve as an audit trail.
C. identify file ownership.
D. All of these are correct.
True/False
9. True or False? The computer keeps record of what it does, and those set of files are called the event log or the audit trail.
Essay
10. Explain the role logging plays in meeting compliance with laws related to financial institutions and practices, such as the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act.
Multiple Choice
11. Passed in 2002, __________ requires U.S. government agencies to implement agency-wide information security programs.
A. SOX (Sarbanes-Oxley Act)
B. HIPAA (Health Insurance Portability and Accountability Act)
C. FISMA (Federal Information Security Management Act)
D. PCI DSS (Payment Card Industry Data Security Standard)
Multiple Selection
12. Why do event logs record both normal and abnormal activities? Select all that apply.
A. An activity may look normal when it occurs and abnormal when analyzed in context with other activities
B. Normal activities are so rarely logged that they do not add enough overhead to justify removing them.
C. Normal activities help track side effects of abnormal activities
Multiple Choice
13. People who interpret event logs do not like administrators to use privileged accounts with a fixed name, like "root." Which of the following is the best explanation for this?
A. The "root" user ID is shared by many people; the event log can't easily tell which user really performed a logged action
B. Auditors who review event logs believe they should have the same access rights as other administrative personnel
C. Overuse of the "root" user ID increases the risk that someone will execute malicious software by mistake
D. The "root" user ID can modify event logs, while other privilege mechanisms, like "sudo," can't modify event logs
14. Which of the following is a formal review of the systems integrity and of the data it maintains regarding the organization's business.
A. Security event log
B. Event logging
C. Information systems audit
D. None of these is correct.
15. The security framework that replaced the U.S. DOD Orange Book is called:
A. Common Conduct.
B. Red Book.
C. PCI DSS.
D. Common Criteria.
16. The law that establishes security measures that must be taken on health-related information is:
A. HIPAA.
B. GLBA.
C. SOX.
D. FISMA.
Answer & Explanation
Rated Helpful
Answered by SargentHeat7349
s a mole
- lestie consequat, ult
- pulvinar tortor nec fa
- s a molestie consequat, ultr
- sus ante
- , dictum vitae odio. Donec al
- nec
- gue vel laoreet
- risus ante, dapibus a moles
congue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor
Unlock full access to Course Hero
Explore over 16 million step-by-step answers from our library
Subscribe to view answer
Step-by-step explanation
, ultri
Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet
- pulvinar tortor nec facil
- ac, dictum vitae odio. D
- m risus ante, dapibus a molestie consequat, ultrices ac magna.
a. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Do
m risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, da
nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor
inia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam ri
facilisis. Pellentesque dapibus efficitur laoreet. Nam ri
ec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio.
itur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum
consectetur adipiscing elit. Nam
m risus ante, dapibus a
rem ipsum do
Student reviews
80% (5 ratings)
"thank you"