Which of the following cloud delivery models is NOT intrinsically "trusted" in terms of security by clients using the service?
Which of the following cloud delivery models is NOT intrinsically "trusted" in terms of security by clients using the service?A . Public.B . Private.C . Hybrid.D . CommunityView AnswerAnswer: D
Why have MOST European countries developed specific legislation that permits police and security services to monitor communications traffic for specific purposes, such as the detection of crime?
Why have MOST European countries developed specific legislation that permits police and security services to monitor communications traffic for specific purposes, such as the detection of crime?A . Under the European Convention of Human Rights, the interception of telecommunications represents aninterference with the right toprivacy.B . GDPR overrides all previous...
day attacks?
Which of the following controls would be the MOST relevant and effective in detecting zero day attacks?A . Strong OS patch managementB . Vulnerability assessmentC . Signature-based intrusion detection.D . Anomaly based intrusion detection.View AnswerAnswer: B Explanation: https://www.sciencedirect.com/topics/computer-science/zero-day-attack
Which of the following is a framework and methodology for Enterprise Security Architecture and Service Management?
Which of the following is a framework and methodology for Enterprise Security Architecture and Service Management?A . TOGAFB . SABSAC . PCI DSE . OWASView AnswerAnswer: B
Which of the following testing methodologies TYPICALLY involves code analysis in an offline environment without ever actually executing the code?
Which of the following testing methodologies TYPICALLY involves code analysis in an offline environment without ever actually executing the code?A . Dynamic Testing.B . Static Testing.C . User Testing.D . Penetration Testing.View AnswerAnswer: D
Which security concept provides redundancy in the event a security control failure or the exploitation of a vulnerability?
Which security concept provides redundancy in the event a security control failure or the exploitation of a vulnerability?A . System Integrity.B . Sandboxing.C . Intrusion Prevention System.D . Defence in depth.View AnswerAnswer: D Explanation: https://en.wikipedia.org/wiki/Defense_in_depth_(computing)
In terms of security culture, what needs to be carried out as an integral part of security by all members of an organisation and is an essential component to any security regime?
In terms of security culture, what needs to be carried out as an integral part of security by all members of an organisation and is an essential component to any security regime?A . The 'need to knownprinciple.B . Verification of visitor's IDC . Appropriate behaviours.D . Access denial measuresView AnswerAnswer:...
Which of the following is a framework and methodology for Enterprise Security Architecture and Service Management?
Which of the following is a framework and methodology for Enterprise Security Architecture and Service Management?A . TOGAFB . SABSAC . PCI DSE . OWASView AnswerAnswer: B
How does network visualisation assist in managing information security?
How does network visualisation assist in managing information security?A . Visualisation can communicate large amounts of data in a manner that is a relatively simple way for people to analyse and interpret.B . Visualisation provides structured tables and lists that can be analysed using common tools such as MS Excel.C...
Which of the following is NOT a valid statement to include in an organisation's security policy?
Which of the following is NOT a valid statement to include in an organisation's security policy?A . The policy has the support of Board and the Chief Executive.B . The policy has been agreed and amended to suit all third party contractors.C . How the organisation will manage information assurance.D...