CSCI501 Quiz_Security Operations

12/3/23, 9:41 PM Quiz: Security Operations, Auditing, Testing, and Monitoring: CSCI501: Overview of Computer Security (D02) Online Residential Athletics Request Info Apply Now VisitUs Create Guest Account Sign In Quiz: Security Operations, Auditing, Testing, and Monitoring Due Dec 3 at 11:59pm Points 10 Questions 10 Time Limit 30 Minutes Instructions The quiz: e Covers the Learn material from Module 6: Week 6. Contains 10 multiple-choice and true/false questions. Is limited to 30 minutes. Allows 1 attempt. Is worth 10 points. Submit this assignment by 11:59 p.m. (ET) on Sunday of Module 6: Week 6. Attempt History Attempt Time Score LATEST Attempt 1 25 minutes 10 out of 10 (D Correct answers are hidden. Score for this quiz: 10 out of 10 Submitted Dec 3 at 9:40pm This attempt took 25 minutes. Question 1 1/1pts Omar is an infrastructure security professional. After reviewing a set of professional ethics issued by his company, he is learning and adopting ethical boundaries in an attempt to demonstrate them to others. What is this called? https://canvas.liberty.edu/courses/510831/quizzes/2610936 1/6

12/3/23, 9:41 PM Quiz: Security Operations, Auditing, Testing, and Monitoring: CSCI501: Overview of Computer Security (D02) Encouraging the adoption of ethical guidelines and standards Informing users through security awareness training Communicating the freedom to access all system resources Understanding common assumptions that lead computer users to unethical behavior Question 2 1/1pts What is the least likely goal of an information security awareness program? Teach users about security objectives Inform users about trends and threats in security Motivate users to comply with security policy Punish users who violate policy Question 3 1/1pts True or False? Change does not create risk for a business. True False https://canvas.liberty.edu/courses/510831/quizzes/2610936 2/6

12/3/23, 9:41 PM Quiz: Security Operations, Auditing, Testing, and Monitoring: CSCI501: Overview of Computer Security (D02) True or False? After audit activities are completed, auditors perform data analysis. True False Question 7 1/1pts Emily is the information security director for a large company that handles sensitive personal information. She is hiring an auditor to conduct an assessment demonstrating that her firm is satisfying requirements regarding customer private data. What type of assessment should she request? Service Organization Control (SOC) 1 Service Organization Control (SOC) 2 Service Organization Control (SOC) 3 Statement on Auditing Standards (SAS) 70 Question 8 1/1pts Antonio is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring? Remote administration error https://canvas.liberty.edu/courses/510831/quizzes/2610936 4/6

12/3/23, 9:41 PM Quiz: Security Operations, Auditing, Testing, and Monitoring: CSCI501: Overview of Computer Security (D02) False positive error Clipping error False negative error Question 9 1/1pts True or False? An American Institute of Certified Public Accountants (AICPA) Service Organization Control (SOC) 1 report is commonly implemented for organizations that must comply with Sarbanes-Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA). True False Question 10 1/1 pts Aditya is a network technician. He is collecting system data for an upcoming internal system audit. He is currently performing vulnerability testing to determine what weaknesses may exist in the network's security. What form of assessment is he conducting? Checklists Observation Security testing Configuration review https://canvas.liberty.edu/courses/510831/quizzes/2610936 5/6