首页  /     /   在线练习

更新时间: 试题数量: 购买人数: 提供作者:

有效期: 个月

章节介绍: 共有个章节

收藏
搜索
题库预览
Amanda has been asked to ensure that her organization’s controls assessment procedures match the specific systems that the company uses. What activity best matches this task?
Amanda被要求确保其组织的控制评估程序与公司使用的特定系统相匹配。什么活动最适合此任务?
Chris is responsible for his organization’s security standards and has guided the selection and implementation of a security baseline for Windows PCs in his organization. How can Chris most effectively make sure that the workstations he is responsible for are being checked for compliance and that settings are being applied as necessary?
Chris负责其组织的安全标准,并指导其组织中Windows PC安全基线的选择和实施。Chris如何才能最有效地确保检查他负责的工作站的合规性,并在必要时应用设置?
Frank is reviewing his company’s data lifecycle and wants to place appropriate controls around the data collection phase. Which of the following ensures that data subjects agree to the processing of their data?
Frank正在审查公司的数据生命周期,并希望对数据收集阶段进行适当的控制。以下哪项确保数据主体同意处理其数据?
As a DBA, Amy’s data role in her organization includes technical implementations of the
Data policies and standards, as well as managing the data structures that the data is stored in. What data role best fits what Amy does?
作为一名DBA,Amy在组织中的数据角色包括数据策略和标准的技术实现,以及管理存储数据的数据结构。什么样的数据角色最适合Amy的工作?
The company Jim works for suffered from a major data breach in the past year and now wants to ensure that it knows where data is located and if it is being transferred, is being copied to a thumb drive, or is in a network file share where it should not be. Which of the following solutions is best suited to tagging, monitoring, and limiting where files are transferred to?
Jim工作的公司在过去的一年中遭受了重大数据泄露,现在希望确保它知道数据的位置,以及数据是否正在传输、复制到thumb驱动器,或者是否在网络文件共享中,而这些都不应该存在。以下哪种解决方案最适合标记、监视和限制文件传输到的位置?
What security measure can provide an additional security control in the event that backup tapes are stolen or lost?
在备份磁带被盗或丢失的情况下,什么安全措施可以提供额外的安全控制?
Joe works at a major pharmaceutical research and development company and has been tasked with writing his organization’s data retention policy. As part of its legal requirements, the organization must comply with the US Food and Drug Administration’s Code of Federal Regulations Title 21. To do so, it is required to retain records with electronic signatures. Why would a signature be part of a retention requirement?
Joe在一家大型制药研发公司工作,负责编写公司的数据保留政策。作为其法律要求的一部分,该组织必须遵守美国食品和药物管理局的《联邦法规》第21篇。为此,需要保留带有电子签名的记录。为什么签名会成为保留要求的一部分?
Susan wants to manage her data’s lifecycle based on retention rules. What technique can she use to ensure that data that has reached the end of its lifecycle can be identified and disposed of based on her organization’s disposal processes?
Susan希望根据保留规则管理数据的生命周期。她可以使用什么技术来确保已到达其生命周期末尾的数据可以根据其组织的处置流程进行识别和处置?
Ben has been asked to scrub data to remove data that is no longer needed by his organiza-tion. What phase of the data lifecycle is Ben most likely operating in?
Ben被要求清理数据,以删除其组织不再需要的数据。Ben最有可能在数据生命周期的哪个阶段运行?
Steve is concerned about the fact that employees leaving his organization were often privy to proprietary information. Which one of the following controls is most effective against this threat?
Steve担心的是,离开公司的员工往往不知道专有信息。以下哪一种控制措施最能有效应对这种威胁?
Alex works for a government agency that is required to meet US federal government require-ments for data security. To meet these requirements, Alex has been tasked with making sure data is identifiable by its classification level when it is createD.What should Alex do to the data?
Alex为一家政府机构工作,该机构需要满足美国联邦政府对数据安全的要求。为了满足这些要求,Alex的任务是确保数据在创建时可以通过其分类级别进行识别。Alex应该如何处理数据?
Ben is following the National Institute of Standards and Technology (NIST) Special Pub-lication 800-88 guidelines for sanitization and disposition as shown here. He is handling information that his organization classified as sensitive, which is a moderate security catego-rization in the NIST model. If the media is going to be sold as surplus, what process does Ben need to follow?
Ben遵循美国国家标准与技术研究所(NIST)发布的800-88《卫生处理和处置指南》,如图所示。他正在处理其组织归类为敏感的信息,这在NIST模型中属于中等安全类别。如果媒体将以剩余形式出售,Ben需要遵循什么流程?
(含图)
Chris has recently been hired into a new organization. The organization that Chris belongs to uses the following classification process:
克里斯最近受雇于一个新的组织。Chris所属的组织使用以下分类过程:
1) Criteria are set for classifying data. 为数据分类设置了标准。
2) Data owners are established for each type of data. 为每种类型的数据建立数据所有者。
3) Data is classified. 数据是分类的。
4) Required controls are selected for each classification. 为每个分类选择所需的控制。
5) Baseline security standards are selected for the organization. 为组织选择基线安全标准。
6) Controls are scoped and tailored. 控件的范围是限定的,并且是定制的。
7) Controls are applied and enforced. 应用并强制执行控制。
8) Access is granted and managed. 授予并管理访问权限。
If Chris is one of the data owners for the organization, what steps in this process is he most likely responsible for?
如果Chris是组织的数据所有者之一,他最有可能负责该过程中的哪些步骤?
Chris has recently been hired into a new organization. The organization that Chris belongs to uses the following classification process:
克里斯最近受雇于一个新的组织。Chris所属的组织使用以下分类过程:
1) Criteria are set for classifying data. 为数据分类设置了标准。
2) Data owners are established for each type of data. 为每种类型的数据建立数据所有者。
3) Data is classified. 数据是分类的。
4) Required controls are selected for each classification. 为每个分类选择所需的控制。
5) Baseline security standards are selected for the organization. 为组织选择基线安全标准。
6) Controls are scoped and tailored. 控件的范围是限定的,并且是定制的。
7) Controls are applied and enforced. 应用并强制执行控制。
8) Access is granted and managed. 授予并管理访问权限。
Chris manages a team of system administrators. What data role are they fulfilling if they con-duct steps 6, 7, and 8 of the classification process?
Chris管理着一个系统管理员团队。如果他们执行分类过程的步骤6、7和8,他们将扮演什么样的数据角色?
Chris has recently been hired into a new organization. The organization that Chris belongs to uses the following classification process:

克里斯最近受雇于一个新的组织。Chris所属的组织使用以下分类过程:

1)Criteria are set for classifying data. 为数据分类设置了标准。

2)Data owners are established for each type of data. 为每种类型的数据建立数据所有者。

3)Data is classified. 数据是分类的。

4)Required controls are selected for each classification. 为每个分类选择所需的控制。

5)Baseline security standards are selected for the organization. 为组织选择基线安全标准。

6)Controls are scoped and tailored. 控件的范围是限定的,并且是定制的。

7)Controls are applied and enforced. 应用并强制执行控制。

8)Access is granted and managed. 授予并管理访问权限。

If Chris’s company operates in the European Union and has been contracted to handle the data for a third party, what role is his company operating in when it uses this process to clas-sify and handle data?

如果Chris的公司在欧盟运营,并与第三方签订了处理数据的合同,那么当Chris的公司使用此流程分类和处理数据时,它将扮演什么角色?

Chris has been put in charge of his organization’s IT service management effort, and part of that effort includes creating an inventory of both tangible and intangible assets. As a security professional, you have been asked to provide Chris with security-related guidance on each of the following topics. Your goal is to provide Chris with the best answer from each of the options, knowing that in some cases more than one of the answers could be acceptable.

Chris负责组织的IT服务管理工作,其中一部分工作包括创建有形和无形资产的库存。作为一名安全专业人员,您被要求为Chris提供以下每个主题的安全相关指导。你的目标是从每个选项中为Chris提供最佳答案,知道在某些情况下,不止一个答案是可以接受的。

Chris needs to identify all of the active systems and devices on the network. Which of the fol-lowing techniques will give him the most complete list of connected devices?

Chris需要识别网络上的所有活动系统和设备。以下哪项技术将为他提供最完整的连接设备列表?

Chris has been put in charge of his organization’s IT service management effort, and part of that effort includes creating an inventory of both tangible and intangible assets. As a security professional, you have been asked to provide Chris with security-related guidance on each of the following topics. Your goal is to provide Chris with the best answer from each of the options, knowing that in some cases more than one of the answers could be acceptable.

Chris负责组织的IT服务管理工作,其中一部分工作包括创建有形和无形资产的库存。作为一名安全专业人员,您被要求为Chris提供以下每个主题的安全相关指导。你的目标是从每个选项中为Chris提供最佳答案,知道在某些情况下,不止一个答案是可以接受的。

Chris knows that his inventory is only accurate at the moment it was completeD.How can he best ensure that it remains up-to-date?

Chris知道他的库存只有在完成时才是准确的。他如何才能最好地确保它保持最新?

Chris has been put in charge of his organization’s IT service management effort, and part of that effort includes creating an inventory of both tangible and intangible assets. As a security professional, you have been asked to provide Chris with security-related guidance on each of the following topics. Your goal is to provide Chris with the best answer from each of the options, knowing that in some cases more than one of the answers could be acceptable.

Chris负责组织的IT服务管理工作,其中一部分工作包括创建有形和无形资产的库存。作为一名安全专业人员,您被要求为Chris提供以下每个主题的安全相关指导。你的目标是从每个选项中为Chris提供最佳答案,知道在某些情况下,不止一个答案是可以接受的。

Chris knows that his organization has more than just physical assets. In fact, his organi-zation’s business involves significant intellectual property assets, including designs and formulas. Chris needs to track and inventory those assets as well. How can he most effec-tively ensure that he can identify and manage data throughout his organization based on its classification or type?

Chris知道他的组织不仅仅拥有有形资产。事实上,他的组织业务涉及大量知识产权资产,包括设计和公式。Chris还需要跟踪和清点这些资产。他如何才能最有效地确保能够根据数据的分类或类型识别和管理整个组织中的数据?

Chris has been tasked with identifying intangible assets but needs to provide his team with
A list of the assets they will be inventorying. Which of the following is not an example of an intangible asset?
Chris的任务是识别无形资产,但需要向他的团队提供他们将要盘点的资产清单。以下哪项不是无形资产的示例?
Which of the following is not a common requirement for the collection of data under data privacy laws and statutes?
以下哪项不是数据隐私法律和法规下收集数据的常见要求?
1 6 7 8 9 10 65
更多题库
电机检修初级工
沟通复习题题库3
沟通课复习题库2
沟通课复习题库1
党史应知应会
内燃机车副司机
中专内科十一月份
配电线路试卷B+C
CD大大方方
2000-判断
入学教育单选
“学史忆征程 永远跟党走”党史知识竞赛题库
判断网店运营
另一个二号线题
岗位胜任能力
新阿里云人工智能ACP