Which of the following statements pertaining to the maintenance of an IT contingency plan is incorrect?

• A.The plan should be reviewed at least once a year for accuracy and completeness.
• B.The Contingency Planning Coordinator should make sure that every employee gets an up-to-date copy of the plan.
• C.Strict version control should be maintained.
• D.Copies of the plan should be provided to recovery personnel for storage offline at home and office.

Comment: *

Name: *

Email: *

Verification: *

Which of the following outlined how senior management are responsible for the computer and information security decisions that they make and what actually took place within their organizations?

• A.The Computer Security Act of 1987.
• B.The Federal Sentencing Guidelines of 1991.
• C.The Economic Espionage Act of 1996.
• D.The Computer Fraud and Abuse Act of 1986.

Comment: *

Name: *

Email: *

Verification: *

Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is:

• A.Not possible
• B.Only possible with key recovery scheme of all user keys
• C.It is possible only if X509 Version 3 certificates are used
• D.It is possible only by "brute force" decryption

Comment: *

Name: *

Email: *

Verification: *

What is the main concern with single sign-on?

• A.Maximum unauthorized access would be possible if a password is disclosed.
• B.The security administrator's workload would increase.
• C.The users' password would be too hard to remember.
• D.User access rights would be increased.

Comment: *

Name: *

Email: *

Verification: *

When compiling a risk assessment report, which of the following items should be included? (Choose all that apply)

• A.Names of frequent security violators
• B.ALE calculations
• C.Vulnerability levels
• D.Data sensitivity levels
• E.Method of attack used

Comment: *

Name: *

Email: *

Verification: *