Interested to Buy Any Domain ? << Click Here >> for more details...
Confidential data residing on a PC is BEST protected by:
A. a password.
B. file encryption.
C. removable diskettes.
D. a key operated power source.
- 1 Answers
- 6373 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
File encryption is the best means of protecting confidential
data in a PC. A key-operated power source, password or
removable diskettes will only restrict access, and the data
will still be viewable using electronic eavesdropping
techniques. Only encryption provides confidentiality. A
password also may not be the best method of protection since
passwords can be compromised. Removable diskettes do provide
some security for information if they are locked away so
only authorized individuals can gain access. However, if
obtained by unauthorized individuals, information can be
accessed easily. A key-operated power source can be bypassed
by obtaining power from another source.
| Is This Answer Correct ? | 6 Yes | 0 No |
Which of the following BEST determines that complete encryption and authentication protocols exist for protecting information while transmitted? A. A digital signature with RSA has been implemented. B. Work is being done in tunnel mode with the nested services of AH and ESP C. Digital certificates with RSA are being used. D. Work is being done in transport mode, with the nested services of AH and ESP
Which of the following is critical to the selection and acquisition of the correct operating system software? A. Competitive bids B. User department approval C. Hardware-configuration analysis D. Purchasing department approval
A strength of an implemented quality system based on ISO 9001 is that it: A. guarantees quality solutions to business problems. B. results in improved software life cycle activities. C. provides clear answers to questions concerning cost-effectiveness. D. does not depend on the maturity of the implemented quality system.
Which of the following is a detective control? A. Physical access controls B. Segregation of duties C. Backup procedures D. Audit trails
The primary goal of a web site certificate is: A. authentication of the web site to be surfed through. B. authentication of the user who surfs through that site. C. preventing surfing of the web site by hackers. D. the same purpose as that of a digital certificate.
When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the: A. hardware is protected against power surges. B. integrity is maintained if the main power is interrupted. C. immediate power will be available if the main power is lost. D. hardware is protected against long-term power fluctuations.
During an IT audit of a large bank, an IS auditor observes that no formal risk assessment exercise has been carried out for the various business applications to arrive at their relative importance and recovery time requirements. The risk that the bank is exposed to is that the: A. business continuity plan may not have been calibrated to the relative risk that disruption of each application poses to the organization. B. business continuity plan may not include all relevant applications and therefore may lack completeness in terms of its coverage. C. business impact of a disaster may not have been accurately understood by the management. D. business continuity plan may lack an effective ownership by the business owners of such applications.
Which of these has the potential to improve security incident response processes? A. Review the incident response procedures. B. Post-mortem or post-event reviews by the security team. C. Getting the hot-site ready. D. Reviw the BCP plan every six months
A proposed transaction processing application will have many data capture sources and outputs in both paper and electronic form. To ensure that transactions are not lost during processing, the IS auditor should recommend the inclusion of: A. validation controls. B. internal credibility checks. C. clerical control procedures. D. automated systems balancing.
Which of the following IS functions may be performed by the same individual, without compromising on control or violating segregation of duties? A. Job control analyst and applications programmer B. Mainframe operator and system programmer C. Change/problem and quality control administrator D. Applications and system programmer
Which of the following independent duties is traditionally performed by the data control group? A. Access to data B. Authorization tables C. Custody of assets D. Reconciliation
Assumptions while planning an IS project involve a high degree of risk because they are: A. based on known constraints. B. based on objective past data. C. a result of lack of information. D. often made by unqualified people.
Cisco Certifications 
