Who should DECIDE how a company should approach security and what security measures should be implemented?谁应该决定一个公司应该如何对待安全以及实施什么样的安全措施?()A、Data owner 数据拥有者B、Auditor 审计员C、The information security specialist 信息安全专家D、Senior management 高级管理者
Who should DECIDE how a company should approach security and what security measures should be implemented?谁应该决定一个公司应该如何对待安全以及实施什么样的安全措施?()
- A、Data owner 数据拥有者
- B、Auditor 审计员
- C、The information security specialist 信息安全专家
- D、Senior management 高级管理者
相关考题:
In bringing up the concept of GASP the author is making the point that[A] shareholders interests should be properly attended to.[B] information protection should be given due attention.[C] businesses should enhance their level of accounting security.[D] the market value of customer data should be emphasized.
( )contributes to monitoring and data collection by defining security monitoring and data collection requirements.A.information continuity managementB.information catalogue managementC.information security managementD.information distribution management
Who should measure the effectiveness of Information System security related controls in an organization?在一个组织内,谁应该衡量信息系统安全相关控制的有效性?()A、The local security specialist本地安全专家B、The systems auditor系统审计师C、The central security manager中心安全经理D、The business manager业务经理
What is a "system high" security policy?什么是一个“系统高”的安全策略?()A、A system where all users are cleared to view the most highly classified data on the system.系统上的所有用户被许可查看最高级别的数据B、A system that contains only data of one security classification.只包含一个安全级别的数据C、A system with data that contains only data of the highest security classification.只包含最高安全级别的数据D、A system that uses a Multi-Level Security Policy to separate the highly classified data from the other data residing on the system.使用多级安全策略去划分高级别数据和其他数据。
What are two important approaches to communicate when identifying a customer’s security risks? (Choose two.) ()A、 Smaller companies are at less risk than larger enterprises, so their security needs are not as great.B、 Business strategy should directly relate to the security policy and budget.C、 The designated security expert should report to the IT department, since that is where thesolution will be implemented.D、 Security should be a continuous process.E、 Security solutions should come from multiple vendors to make it easier to coordinate security events from the point of origin.
Which two statements about Cisco Security Management Suite are correct?()A、It should be implemented in a management VLAN.B、Its connection to managed devices should be over a data VLAN.C、It is made up of Cisco Security MARS and Clean Access software.D、It should be deployed as close to the edge of the network as possible.E、It delivers policy administration and enforcement for the Cisco Self-Defending Network.
Which of the following is given the responsibility of the maintenance and protection of the data?下列哪一角色对数据的维护和保护负有责任()A、Security administrator 安全管理员B、Data custodian 数据管理者C、Data owner 数据拥有者D、User 用户
Which must bear the primary responsibility for determining the level of protection needed for information systems resources?哪一个角色必须承担决定信息系统资源保护级别的主要责任?()A、IS security specialists IS安全专家B、Senior Management高级管理层C、Senior security analysts高级安全分析师D、systems Auditors系统审计师
The security team has implemented new guidelines on how to handle sensitive information storedon workstations based on a past incident involving information found on donated workstations.Which of the following should be completed by technicians before donating the workstations?()A、Install a new operating systemB、Delete users’ data before donationC、Write the drive with 1’s and 0’s three timesD、Delete all partitions of the hard drive
Which of the following security policies is BEST to use when trying to mitigate the risks involved with allowing a user to access company email via their cell phone?()A、The cell phone should require a password after a set period of inactivity.B、The cell phone should only be used for company related emails.C、The cell phone data should be encrypted according to NIST standards.D、The cell phone should have data connection abilities disabled.
An administrator was asked to log information on possible security breaches on a server. To which file should additional entries be added to capture this information()A、/var/adm/sulogB、/etc/syslog.confC、/etc/security/sysck.cfgD、/etc/security/syslog.conf
A system administrator was asked to log information on possible security breaches on a server. Which file should additional entries be added to capture this information?()A、/var/adm/sulogB、/etc/syslog.confC、/etc/security/sysck.cfgD、/etc/security/login.cfg
You need to recommend a solution for managing the address information of the user accounts. The solution must meet the company’s security requirements. What should you include in the recommendation?()A、Active Directory delegationB、Authorization ManagerC、built-in security groupsD、user rights assignments
You need to recommend a management solution for Server1 that meets the company's security requirements. What should you include in the recommendation?()A、access-based enumeration (ABE)B、Authentication Mechanism AssuranceC、Authorization ManagerD、Hyper-V Manager
You work in a company which is named Wiikigo Corp. The company uses SQL Server 2008. You are the administrator of the company database. Now you are in charge of a SQL Server 2008 instance.You must make sure that all SQL Server instances are consistently configured for naming conventions, security settings, force index creation and avoidance of data fragmentation. So what action should you perform to achieve this goal?() A、You should use the Database Engine Tuning Advisor. B、In Microsoft SQL Server Management Studio, you should create a maintenance plan C、You should use the SQL Server Configuration Manager D、In Microsoft SQL Server Management Studio, you should create a policy
You need to recommend a security strategy for WebApp2 that meets the company’s applicaton requirements.What should you include in the recommendation?()A、Basic authentication and connection security rulesB、Basic authentication and SSLC、Digest authentication and connection security rulesD、Digest authentication and SSL
多选题Which two statements about Cisco Security Management Suite are correct?()AIt should be implemented in a management VLAN.BIts connection to managed devices should be over a data VLAN.CIt is made up of Cisco Security MARS and Clean Access software.DIt should be deployed as close to the edge of the network as possible.EIt delivers policy administration and enforcement for the Cisco Self-Defending Network.
单选题What is a "system high" security policy?什么是一个“系统高”的安全策略?()AA system where all users are cleared to view the most highly classified data on the system.系统上的所有用户被许可查看最高级别的数据BA system that contains only data of one security classification.只包含一个安全级别的数据CA system with data that contains only data of the highest security classification.只包含最高安全级别的数据DA system that uses a Multi-Level Security Policy to separate the highly classified data from the other data residing on the system.使用多级安全策略去划分高级别数据和其他数据。
单选题You work in a company which is named Wiikigo Corp. The company uses SQL Server 2008. You are the administrator of the company database. Now you are in charge of a SQL Server 2008 instance.You must make sure that all SQL Server instances are consistently configured for naming conventions, security settings, force index creation and avoidance of data fragmentation. So what action should you perform to achieve this goal?()AYou should use the Database Engine Tuning Advisor. BIn Microsoft SQL Server Management Studio, you should create a maintenance plan CYou should use the SQL Server Configuration Manager DIn Microsoft SQL Server Management Studio, you should create a policy
单选题You need to recommend a management solution for Server1 that meets the company's security requirements. What should you include in the recommendation?()Aaccess-based enumeration (ABE)BAuthentication Mechanism AssuranceCAuthorization ManagerDHyper-V Manager
单选题Who should measure the effectiveness of Information System security related controls in an organization?在一个组织内,谁应该衡量信息系统安全相关控制的有效性?()AThe local security specialist本地安全专家BThe systems auditor系统审计师CThe central security manager中心安全经理DThe business manager业务经理
单选题The Ship Security Plan should indicate the operational and physical () the ship itself should take to ensure it always operates at security level 1.Aprecaution measuresBsafety measuresCsecurity measuresDemergency response measures
多选题What are two important approaches to communicate when identifying a customer’s security risks? (Choose two.) ()ASmaller companies are at less risk than larger enterprises, so their security needs are not as great.BBusiness strategy should directly relate to the security policy and budget.CThe designated security expert should report to the IT department, since that is where thesolution will be implemented.DSecurity should be a continuous process.ESecurity solutions should come from multiple vendors to make it easier to coordinate security events from the point of origin.
单选题According to the ISPS Code, for a sailing ship, the following except()should be onboard.Aa ship security planBa ship security officerCa company security officerDcertain onboard equipments
单选题Who should DECIDE how a company should approach security and what security measures should be implemented?谁应该决定一个公司应该如何对待安全以及实施什么样的安全措施?()AData owner 数据拥有者BAuditor 审计员CThe information security specialist 信息安全专家DSenior management 高级管理者
单选题Stephen Smith feels thatAthe security of information on the network used to be a worry.Ball the data should be stored on the same system.Cthe company’s computer-based information is well-protected.
单选题Which must bear the primary responsibility for determining the level of protection needed for information systems resources?哪一个角色必须承担决定信息系统资源保护级别的主要责任?()AIS security specialists IS安全专家BSenior Management高级管理层CSenior security analysts高级安全分析师Dsystems Auditors系统审计师