Chapter 3 - U.S. Compliance Laws and Information Security Policy Requirements
When creating laws and regulations, the government's sole concern is the privacy of the individual.
  A. True
  B. False

Which of the following are pressures on creating security policies?
  A. Shareholder value
  B. Regulations
  C. Technology vulnerabilities and limitations
  D. B and C only
  E. All of the above

Which of the following laws require proper security controls for handling privacy data?
  A. HIPAA
  B. GLBA
  C. FERPA
  D. B and C only
  E. All of the above

Which of the following are control objectives for PCI DSS?
  A. Maintain an information security policy
  B. Protect cardholder data
  C. Alert when credit cards are illegally used
  D. A and B only
  E. None of the above

Nation-state attacks that try to disrupt the country's critical infrastructure are sometimes referred to as ________.

Health care providers are those that process and facilitate billing.
  A. True
  B. False

The law that attempts to limit children's exposure to sexually explicit material is ________.

The only consideration in protecting personal customer information is legal requirements.
  A. True
  B. False

You should always write new security policies each time a new regulation is issued.
  A. True
  B. False

What should you ask for to gain confidence that a vendor's security controls are adequate?
  A. An SSAE 16 Type I audit
  B. An SSAE 16 Type II audit
  C. A list of all internal audits
  D. All of the above

Why is it important to map regulatory requirements to policies and controls?
  A. To demonstrate compliance to regulators
  B. To ensure regulatory requirements are covered
  C. To demonstrate the importance of a security control
  D. All of the above

Who typically writes a report to the board of directors on the current state of information security within a company?
  A. Chief risk officer
  B. Chief information officer
  C. Chief information security officer
  D. A and B
  E. B and C
  F. A, B, and C

Answers
1. B
2. E
3. E
4. D
5. Cyberterrorism or cyberwarfare
6. B
7. CIPA
8. B
9. B
10. B
11. D
12. D