100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
CMIT 425 Questions and Answers $12.99   Add to cart
Quickly navigate to
Preview
  2.  
  3. Cmit
  4.  
  5. Cmit

Exam (elaborations)

CMIT 425 Questions and Answers
 0 view  0 purchase
  • Course
  • Cmit
  • Institution
  • Cmit

CMIT 425 Questions and Answers A ___________ is a potential danger which occurs when a ___________ exploits a vulnerability. threat, threat agent Which of the following is NOT a category of control types? protects or assures the accuracy and reliability of information and systems. ...

[Show more]

Preview 2 out of 5  pages

Document information

  • September 19, 2024
  • 5
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers

Subjects

  • cmit 425 questions and answers
  • a is a potential danger which occurs w
  • which of the following is not a category of contro

Written for

  • Cmit
  • Cmit

Seller

avatar-seller
Pogba119

Content preview

CMIT 425 Questions and Answers
A ___________ is a potential danger which occurs when a ___________ exploits a
vulnerability. - answer threat, threat agent

Which of the following is NOT a category of control types? - answer protects or
assures the accuracy and reliability of information and systems.

Integrity is the principle that _________________. - answer

An exposure occurs when a vulnerability _____________. - answer creates the
possibility of incurring a loss or experiencing harm.

Confidentiality can be protected by implementing which of the following controls? -
answer Software digital signing to verify recipients.


Data hiding and data obscuring techniques.

Encrypting data at rest and in transit.

Clustering and load balancing are controls that ________ - answer map to the
Availability component of the AIC triad.

Balanced security refers to _____________ - answer weighing choices in controls
against the magnitude of risk presented by a variety of threats.

addressing threats and implementing controls for availability, integrity, and
confidentiality.

understanding the concepts of the AIC triad.

Which of the following best describes a security program? - answer A group of
standards, regulations, and best-practices.

An organization within an enterprise that houses business activities related to providing
security.

A framework made up of many entities that work together to provide protection for an
organization.

Which of the following is used to reduce the risk of vulnerabilities in purchased or
acquired hardware and software products? - answer Supply Chain Risk
Management

, Hashing is a control that _______ - answer maps to the Integrity component of the
AIC triad.

Which category of control types is referred to as "soft controls?" - answer
Administrative

Risk can be reduced by _____________. - answer applying countermeasures to
eliminate vulnerabilities.

Which of the following statements is true? - answer PCI-DSS is a federal law that
protects the privacy of credit card transactions.

USA Patriot Act broadens privacy protections for federal law enforcement agents and
immigration authorities.

FISMA applies to federal agencies and their contractors.

Which of the following guidance documents specifically addresses security controls
required for information systems owned by or operated for the U.S. Federal
Government? - answer NIST SP-800-53

A control is _____________ - answer used to reduce or mitigate risks.

Which of the following best describes leadership behaviors which promote ethical
behavior amongst employees? - answer Tone at the Top

Which category of control types is also referred to as "logical controls? - answer
Technical

A weakness in a system that allows malware to compromise security is called a
_________. - answer vulnerability

________ is a legal obligation applied to executives which stockholders can use to sue
company leaders who fail to protect a company's assets from harm or loss. - answer
Due notice
Due diligence
Due performance

Availability is the principle which ensures ____________. - answer reliability and
timely access to data and other resources by authorized individuals.

A ______ is a document which defines mandatory activities, actions, or rules. - answer
Standard

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Pogba119. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $12.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

72349 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$12.99
  • (0)
  Add to cart