A firm is considering using biometric fingerprint identification on all PCs that access critical datA. This requires:

• A.that a registration process is executed for all accredited PC users.
• B.the full elimination of the risk of a false acceptance.
• C.the usage of the fingerprint reader be accessed by a separate password.
• D.assurance that it will be impossible to gain unauthorized access to critical data.

Comment: *

Name: *

Email: *

Verification: *

Senior management has allocated funding to each of the organization's divisions to address information security vulnerabilities. The funding is based on each division's technology budget from the previous fiscal year. Which of the following should be of GREATEST concern to the information security manager?

• A.Redundant controls may be implemented across divisions
• B.Information security governance could be decentralized by divisions
• C.Areas of highest risk may not be adequately prioritized for treatment
• D.Return on investment may be inconsistently reported to senior management

Comment: *

Name: *

Email: *

Verification: *

What are often the primary safeguards for systems software and data?

• A.Administrative access controls
• B.Logical access controls
• C.Physical access controls
• D.Detective access controls

Comment: *

Name: *

Email: *

Verification: *

"Under the concept of ""defense in depth"", subsystems should be designed to:"

• A.""fail insecure"""
• B.""fail secure"""
• C.""react to attack"""
• D.""react to failure"""
• E.None of the choices.

Comment: *

Name: *

Email: *

Verification: *

An organization is considering connecting a critical PC-based system to the Internet. Which of the following
would provide the BEST protection against hacking?

• A.An application-level gateway
• B.A remote access server
• C.A proxy server
• D.Port scanning

Comment: *

Name: *

Email: *

Verification: *