- All Exams Instant Download
Which is NOT a suitable action to apply to data when the retention period ends?
Which is NOT a suitable action to apply to data when the retention period ends?A . Aggregation. B. De-identifcation. C. Deletion. D. Retagging.View AnswerAnswer: C
Which of the following is considered a client-side IT risk?
Which of the following is considered a client-side IT risk?A . Security policies focus solely on internal corporate obligations. B. An organization increases the number of applications on its server. C. An employee stores his personal information on his company laptop. D. IDs used to avoid the use of personal...
Under the Family Educational Rights and Privacy Act (FERPA), releasing personally identifable information from a student's educational record requires written permission from the parent or eligible student in order for information to be?
Under the Family Educational Rights and Privacy Act (FERPA), releasing personally identifable information from a student's educational record requires written permission from the parent or eligible student in order for information to be?A . Released to a prospective employer. B. Released to schools to which a student is transferring. C....
What must be done to destroy data stored on "write once read many" (WORM) media?
What must be done to destroy data stored on "write once read many" (WORM) media?A . The data must be made inaccessible by encryption. B. The erase function must be used to remove all data. C. The media must be physically destroyed. D. The media must be reformatted.View AnswerAnswer: C
Which of the following is considered a records management best practice?
Which of the following is considered a records management best practice?A . Archiving expired data records and fles. B. Storing decryption keys with their associated backup systems. C. Implementing consistent handling practices across all record types. D. Using classifcation to determine access rules and retention policy.View AnswerAnswer: D
Which of the following statements describes an acceptable disclosure practice?
Which of the following statements describes an acceptable disclosure practice?A . An organization's privacy policy discloses how data will be used among groups within the organization itself. B. With regard to limitation of use, internal disclosure policies override contractual agreements with third parties. C. Intermediaries processing sensitive data on behalf...
What control would apply?
A user who owns a resource wants to give other individuals access to the resource. What control would apply?A . Mandatory access control. B. Role-based access controls. C. Discretionary access control. D. Context of authority controls.View AnswerAnswer: C
You have been asked to verify compliance as well as to evaluate all current security controls and security measures, including data encryption methods, authentication controls and the safest methods for transferring data into and out of the facility. As you prepare to begin your analysis, you fnd yourself considering an intriguing question: Can these people be sure that I am who I say I am?
SCENARIO It should be the most secure location housing data in all of Europe, if not the world. The Global Finance Data Collective (GFDC) stores fnancial information and other types of client data from large banks, insurance companies, multinational corporations and governmental agencies. After a long climb on a mountain...
Which is true regarding the type of encryption Lancelot uses?
SCENARIO Wesley Energy has fnally made its move, acquiring the venerable oil and gas exploration frm Lancelot from its long-time owner David Wilson. As a member of the transition team, you have come to realize that Wilson's quirky nature affected even Lancelot's data practices, which are maddeningly inconsistent. `The old...
What is the distinguishing feature of asymmetric encryption?
What is the distinguishing feature of asymmetric encryption?A . It has a stronger key for encryption than for decryption. B. It employs layered encryption using dissimilar methods. C. It uses distinct keys for encryption and decryption. D. It is designed to cross operating systems.View AnswerAnswer: C
