We can leave laptops during weekdays or weekends in locked bins.
A. True
B. False
Answer: B
Explanation: According to ISO/IEC 27001:2022, clause A.11.2.9, the organization should protect mobile devices and media containing sensitive information from unauthorized access, loss or theft. The organization should also implement appropriate encryption techniques and...
What is not one of the four main objectives of a risk analysis?
A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives. What is not one of the four main objectives of a risk analysis?
A. Identifying assets and their value
B. Implementing countermeasures
C. Establishing a balance between the costs of an...
Which of the following is an information security management system standard published by the International Organization for Standardization?
A. ISO9008
B. ISO27001
C. ISO5501
D. ISO22301
Answer: B
Explanation: ISO/IEC 27001:2022 is an information security management system standard published by the International Organization for Standardization (ISO) and the International Electrotechnical...
Which threat could occur if no physical measures are taken?
A. Unauthorised persons viewing sensitive files
B. Confidential prints being left on the printer
C. A server shutting down because of overheating
D. Hackers entering the corporate network
Answer: C
Explanation: Which threat could occur if no physical measures are...
An employee caught with offense of abusing the internet, such as P2P file sharing or video/audio streaming, will not receive a warning for committing such act but will directly receive an IR.
A. True
B. False
Answer: A
Explanation: An employee caught with offense of abusing the internet, such as...
How are data and information related?
A. Data is a collection of structured and unstructured information
B. Information consists of facts and statistics collected together for reference or analysis
C. When meaning and value are assigned to data, it becomes information
Answer: C
Explanation: Data and information are related concepts,...
What is an example of the indirect damage caused by this fire?
There was a fire in a branch of the company Midwest Insurance. The fire department quickly arrived at the scene and could extinguish the fire before it spread and burned down the entire premises. The server, however, was destroyed in the fire. The backup tapes kept in another room had...
__________ is a software used or created by hackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.
A. Trojan
B. Operating System
C. Virus
D. Malware
Answer: D
Explanation: Malware is a software used or created by hackers to disrupt computer operation, gather sensitive...
What controls can you do to protect sensitive data in your computer when you go out for lunch?
A. You activate your favorite screen-saver
B. You are confident to leave your computer screen as is since a password protected screensaver is installed and it is set to activate after 10...
What type of compliancy standard, regulation or legislation provides a code of practice for information security?
A. ISO/IEC 27002
B. Personal data protection act
C. Computer criminality act
D. IT Service Management
Answer: A
Explanation: ISO/IEC 27002:2022 is an international standard that provides a code of practice for information security...