- What year did the European Union start enforcing GDPR? 2018
- Which three (3) of these obligations are part of the 5 key GDPR obligations? Rights of EU Data Subjects; Consent; Accountability of Compliance
- Which trust services principle is foundational and is tested in every SOC 2 audit? Security
- The HIPAA Security Rule requires covered entities to maintain which two (2) reasonable safeguards for protecting e-PHI? Physical; Technical
- HIPAA Administrative safeguards include which two (2) of the following? Security personnel; Workforce training and management
- PCI includes 264 requirements grouped under how many main requirements? 12
- If you are a mature organization, which CIS Controls Implementation Group would you use? Implementation Group 3 (IG3)
- A security attack is defined as which of the following? An event that has been identified by correlation and analytics tools as a malicious activity.
- Which order does a typical compliance process follow? Establish scope, readiness assessment, gap remediation, testing/auditing, management reporting
- Under GDPR, who determines the purpose and means of processing of personal data? Controller
- Under the International Organization for Standardization (ISO), which standard focuses on Privacy? ISO 27018 (protection of PII in public cloud services)
- Which SOC report is closest to an ISO report? Type 1
- What is an auditor looking for when they test the control for implementation over an entire offering with no gaps? Completeness
- The HIPAA Security Rule requires covered entities to maintain which three (3) reasonable safeguards for protecting e-PHI? Administrative; Physical; Technical
- Who is the governing entity for HIPAA? US Department of Health and Human Services, Office for Civil Rights (OCR)
- HIPAA Physical safeguards include which two (2) of the following? Workstation and device security; Facility access and control
- PCI uses which three (3) of the following Cardholder Data Environment categories to determine scope? People; Processes; Technology
- One PCI Requirement is using an approved scanning vendor to scan at what frequency? Quarterly
- In which CIS control category will you find Incident Response and Management? Organizational
- Which is NOT an example of a client? E-mail server
- Which three (3) threat key factors should be considered when looking at an Endpoint Security Solution? Threat hunting; Detection response; User education
- Your organization uses Xcitium OpenEDR for endpoint protection and response (EDR). You want to know the number of each type of endpoint device, such as smartphones, tablets, and PCs. You also want to know the number of corporate-owned devices versus personal devices. Where in the Xcitium Enterprise Platform’s cloud manager can you find an overview of this information? Audit pane
- A patch is a set of changes to a computer program or its data designed for which three (3) functions? Improve; Update; Fix
- Which two types of updates do most organizations patch as soon as possible after testing? Security and Critical
- Which three (3) are common Endpoint attack types? Spear phishing; Whale hunting (whaling); Ad network (malvertising)
- Endpoint detection and response includes which three (3) of these key technologies? Continuous monitoring; Zero-day OS updates; Automatic policy creation for endpoints
- Which common endpoint attack is targeted at supply chain infiltration? Island Hopping
- What two Windows security updates do most organizations always patch? Critical; Important
- How frequent will most organizations distribute patches? Monthly
- Which three (3) objects are typically managed by Active Directory? Services; Volumes; Network users
- Which type of group within Active Directory is used to assign permissions to shared resources? Security groups
- Kerberos authentication provides several benefits including which three (3) of the following? Delegated authentication; Single sign-on; Interoperability
- Which of the nine different kinds of Windows events that can be audited is used to see when someone has shutdown or restarted the computer or when a program tries to do something it does not have permission to do? System events
- True or False: Internal commands are built into the shell program and are therefore shell-dependent. True
- Which Linux run level shuts down all services when the system is being rebooted? Run level 6 (reboot); run level 0 is the halt/power-off equivalent
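The internal-versus-external command distinction above is easy to check on a live system, and it matters for security: a builtin such as cd never consults PATH, while an external command is whatever file the PATH search finds first, which is where a planted binary, alias or shell function can hijack it. The following script is an added example (not part of the quiz or any course material) that classifies how the shell resolves a name using only the POSIX `type` builtin, and demonstrates a function shadowing an external command; the function names are my own.

```shell
#!/bin/sh
# Added example: classify how the shell resolves a command name.
# Internal (builtin) commands live inside the shell binary; external
# commands are files found by searching PATH. Works in dash and bash.

# Prints one of: builtin, keyword, function, alias, file, unknown.
# Parses the first line of `type NAME`, whose wording is stable across
# POSIX shells ("is a shell builtin", "is /bin/ls", "is a function", ...).
command_kind() {
    ck_line=$(type "$1" 2>/dev/null | head -n 1)
    case "$ck_line" in
        *"shell builtin"*)                         echo builtin ;;
        *"shell keyword"*)                         echo keyword ;;
        *"is a function"*|*"is a shell function"*) echo function ;;
        *"aliased to"*|*"is an alias"*)            echo alias ;;
        *" is /"*|*" is hashed ("*)                echo file ;;
        *)                                         echo unknown ;;
    esac
}

# Shows why a function (or alias) can shadow an external command: names
# defined in the current shell are resolved before PATH is searched.
# Returns "function file": shadowed first, then the real file once the
# shadow is removed with unset -f.
shadow_demo() {
    ls() { echo "fake ls"; }        # shadow the external ls with a function
    sd_before=$(command_kind ls)
    unset -f ls                     # remove the shadow again
    sd_after=$(command_kind ls)
    echo "$sd_before $sd_after"
}

# Prints "NAME KIND" for each argument, e.g.  sh script.sh cd ls if nosuch
report_kinds() {
    for rk_name in "$@"; do
        echo "$rk_name $(command_kind "$rk_name")"
    done
}
```

On a system you suspect has been tampered with, run `type -a NAME` (bash) or `command -V NAME` for the commands you rely on; a function, alias or an unexpected early PATH entry appearing before the real binary is the shadowing this script demonstrates.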