Interested to Buy Any Domain ? << Click Here >> for more details...
The FIRST step in data classification is to:
A. establish ownership.
B. perform a criticality analysis.
C. define access rules.
D. create a data dictionary.
- 1 Answers
- 11295 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Data classification is necessary to define access rules
based on a need-to-do and need-to-know basis. The data owner
is responsible for defining the access rules are, hence
establishment of ownership is the first step in data
classification. The other choices are incorrect. A
criticality analysis is required for protection of data,
which takes input from data classification. Access
definition is complete after data classification and input
for a data dictionary is prepared from the data
classification process.
| Is This Answer Correct ? | 8 Yes | 1 No |
A number of system failures are occurring when corrections to previously detected errors are resubmitted for acceptance testing. This would indicate that the maintenance team is probably not adequately performing which of the following types of testing? A. Unit testing B. Integration testing C. Design walk-throughs D. Configuration management
During a review of a business continuity plan, an IS auditor noticed that the point at which a situation is declared to be a crisis has not been defined. The MAJOR risk associated with this is that: A. assessment of the situation may be delayed. B. execution of the disaster recovery plan could be impacted. C. notification of the teams might not occur. D. potential crisis recognition might be delayed.
Which of the following types of transmission media provide the BEST security against unauthorized access? A. Copper wire B. Twisted pair C. Fiber-optic cables D. Coaxial cables
An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking? A. An application-level gateway B. A remote access server C. A proxy server D. Port scanning
The BEST method of proving the accuracy of a system tax calculation is by: A. detailed visual review and analysis of the source code of the calculation programs. B. recreating program logic using generalized audit software to calculate monthly totals. C. preparing simulated transactions for processing and comparing the results to predetermined results. D. automatic flowcharting and analysis of the source code of the calculation programs.
Java applets and ActiveX controls are distributed executable programs that execute in the background of a web browser client. This practice is considered reasonable when: A. a firewall exists. B. a secure web connection is used. C. the source of the executable is certain. D. the host website is part of your organization.
During an IT audit of a large bank, an IS auditor observes that no formal risk assessment exercise has been carried out for the various business applications to arrive at their relative importance and recovery time requirements. The risk that the bank is exposed to is that the: A. business continuity plan may not have been calibrated to the relative risk that disruption of each application poses to the organization. B. business continuity plan may not include all relevant applications and therefore may lack completeness in terms of its coverage. C. business impact of a disaster may not have been accurately understood by the management. D. business continuity plan may lack an effective ownership by the business owners of such applications.
Which of the following is the most important element in the design of a data warehouse? A. Quality of the metadata B. Speed of the transactions C. Volatility of the data D. Vulnerability of the system
Large-scale systems development efforts: A. are not affected by the use of prototyping tools. B. can be carried out independent of other organizational practices. C. require that business requirements be defined before the project begins. D. require that project phases and deliverables be defined during the duration of the project.
In an EDI process, the device which transmits and receives electronic documents is the: A. communications handler. B. EDI translator. C. application interface. D. EDI interface.
Of the following, the MAIN purpose for periodically testing offsite backup facilities is to: A. ensure the integrity of the data in the database. B. eliminate the need to develop detailed contingency plans. C. ensure the continued compatibility of the contingency facilities. D. ensure that program and system documentation remains current.
The use of a GANTT chart can: A. aid in scheduling project tasks. B. determine project checkpoints. C. ensure documentation standards. D. direct the post-implementation review.
Cisco Certifications 
