quiz
QUESTION 1
- PCI DSS is a law that provides for civil and criminal penalties if merchants don’t protect customer credit card data.
  True
  False
10.00000 points
QUESTION 2
- The purpose of NIST SP 800-37 is to provide guidance to Federal agencies for applying the Risk Management Framework to information systems.
  True
  False
10.00000 points
QUESTION 3
- Which of the following is not a main goal of PCI DSS?
  a. Protect cardholder data
  b. Build and maintain a compliant secure network for handling credit cards
  c. Implement strong access controls
  d. Monitor credit card activity
10.00000 points
QUESTION 4
- Which is not a way to protect cardholder data?
  a. Limit display of the credit card number to only the first six digits of the account.
  b. Encrypt cardholder data when transmitting it.
  c. Limit display of the credit card number to only the last four digits of the account.
  d. Write the card information down when you accept it, in case it has to be retransmitted later.
10.00000 points
QUESTION 5
- Which of the following is NOT an IT Governance Focus Area of COBIT?
  a. Ensuring that an IT program is aligned with business goals.
  b. Measuring program effectiveness.
  c. Dictating security controls that must be implemented in your program.
  d. Defining proper management of IT infrastructure and resources.
10.00000 points
QUESTION 6
- Which organization developed COBIT?
  a. IEEE
  b. ISO
  c. NIST
  d. ISACA
10.00000 points
QUESTION 7
- Which of the following is not a benefit of implementing COBIT?
  a. Reduced operational risk
  b. Ability to offer better IT services
  c. Reduced costs
  d. Clear policy development
10.00000 points
QUESTION 8
- Which of the following is not one of the steps in NIST’s six-step RMF process?
  a. Categorizing security requirements to understand which security control baseline needs to be installed.
  b. Selecting security controls to be implemented.
  c. Performing an assessment on security controls before authorizing the system or application’s use.
  d. Hiring personnel to manage the security program.
10.00000 points
QUESTION 9
- When an IT system is ready to be deployed by a Federal agency, it must undergo a security assessment and be authorized. Which role can serve as an authorizing official (AO)?
  a. Senior Management
  b. Security Compliance Auditor
  c. System Administrator
  d. Security Officer
10.00000 points
QUESTION 10
- Which NIST guidance document provides detailed instructions for performing Information Security Continuous Monitoring?
  a. NIST SP 800-30
  b. NIST SP 800-137
  c. NIST SP 800-53
  d. NIST SP 800-60