Mod 7 test (docx)
School: Colorado State University, Global Campus
Course: 415
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 6
Uploaded by BrigadierLoris3384
uCertify 23FD-ITS415-1 (Based on Systems Security Certified Practitioner (SSCP))
Item 1 of 10 (Correct)

Social engineering attacks present a threat to organizations and individuals for all of the following reasons except which of the following?

A. Most targeted individuals and organizations have effective tools and procedures to filter out phishing and related scams, so they are now better protected from such attacks. (correct)
B. Most people want to be trusting and helpful.
C. Most targeted individuals don't see the harm in responding or in answering simple questions posed by the attacker.
D. Most people believe they are too smart to fall for such obvious ploys, but they do anyway.

Explanation

Answer A is correct. Social engineering attacks are not a threat to organizations and individuals who have effective tools and procedures to filter out phishing and related scams. Options C, D, and B all demonstrate the hallmarks of social engineering attacks—they work (and have worked for thousands of years) because people are generally trusting, open, and willing to engage with strangers.
Lesson: Business Continuity via Information Security and People Power; CIANA at Layer 8 and Above
Exam Objectives: 2. Security Operations and Administration; 2.7. Participate in security awareness and training
Item 2 of 10 (Correct)

Which statement about planning and plans is correct?

A. Plans are more important than the planning process itself.
B. Plans are living documents and planning is non-iterative.
C. Planning should continuously bring plans and procedures in tune with ongoing operational reality. (correct)

Explanation

Answer C is correct. Planning should be an ongoing, continuous, and iterative process; plans are thus continually tested against reality so that changes to plans and procedures stay harmonized. Option B is incorrect because plans are not living documents and planning is an iterative process. Option A is incorrect; plans are good, useful, and necessary, but it's the planning process that brings the team together to better understand needs versus resources.
Lesson: Business Continuity via Information Security and People Power; Surviving to Operate: Plan for It!
Exam Objectives: 2. Security Operations and Administration; 2.4. Participate in asset management
Item 3 of 10 (Correct)

Which of the following types of actions or responses would you not expect to see in an information security incident response plan?

A. Engaging with senior organizational leadership
B. Relocation of business operations to alternate sites (correct)
C. Continually detect a potentially disruptive incident
D. Using off-site systems and data archives

Explanation

Answer B is correct. The relocation of business operations is typically part of disaster recovery plans. Option D, off-site systems and data archives, may well be used in the restoration phase of an information security incident response. Options C and A are parts of incident response, continuity, and recovery planning.
Lesson: Business Continuity via Information Security and People Power; Surviving to Operate: Plan for It!
Exam Objectives: 2. Security Operations and Administration; 2.4. Participate in asset management
Item 4 of 10 (Correct)

Which value sets the maximum time lag or latency time for data to be considered useful for business operations?

Explanation

Answer B is correct. The recovery point objective (RPO) sets the maximum time lag or latency time for data to be considered useful for business operations. The recovery time objective (RTO) is the time by which the systems must be restored to normal operational functions after the occurrence of this risk event. The maximum allowable outage (MAO) is the greatest time period that business operations can be allowed to be disrupted by the risk event. The annual rate of occurrence (ARO) is the anticipated number of times per year that such an event may occur.
Lesson: Business Continuity via Information Security and People Power; Cloud-Based "Do-Over" Buttons for Continuity, Security, and Resilience
Exam Objectives: 3. Risk Identification, Monitoring, and Analysis; 3.1. Understand the risk management process
Item 5 of 10 (Correct)

Which statement about phishing attacks is correct?

A. Phishing attacks of all kinds are still in use because they can be effective social engineering tools when trying to do reconnaissance or gain illicit entry into an organization or its systems. (correct)
B. Phishing attacks are not social engineering attacks.
C. Spear phishing attacks are easy to detect with scanners or filters.
D. Phishing attacks are rarely successful, and so they pose a very low risk to organizations.

Explanation

Answer A is correct. Phishing attacks of all kinds are still in use because they can be effective social engineering tools when trying to do reconnaissance or gain illicit entry into an organization or its systems. Option D is false; even if thousands of phishing emails are sent as part of a low-and-slow attack, one response can generate exploitable information for the attacker. Option B is false because the phishing attack is a social engineering attack. Option C is false; attackers work hard to mimic the style, format, expression, and construction of their phishing emails, and continually attempt to spoof email addresses, domain names, and so forth. Tools may filter a lot of such junk email for you, but they won't catch it all.
Lesson: Business Continuity via Information Security and People Power; CIANA at Layer 8 and Above
Exam Objectives: 2. Security Operations and Administration; 2.7. Participate in security awareness and training
Item 6 of 10 (Correct)

In general, what differentiates phishing from whaling attacks?

A. Phishing attacks tend to be used to gain access to systems via malware payloads or by getting recipients to disclose information, whereas whaling attacks try to get responsible managers to authorize payments to the attacker's accounts. (correct)
B. Phishing attacks are focused on businesses, whereas whaling attacks can be aimed at anybody, anywhere.
C. Whaling attacks tend to offer something that ought to sound "too good to be true," whereas phishing attacks masquerade as routine business activities such as package delivery confirmations.
D. There's really no difference.

Explanation

Answer A is correct. Phishing attacks tend to be used to gain access to systems via malware payloads or by getting recipients to disclose information, whereas whaling attacks try to get responsible managers to authorize payments to the attacker's accounts. Option B is incorrect; whaling is primarily aimed at senior business leaders, whereas phishing can be aimed at anybody, anywhere, if the attacker perceives there is something worthwhile to learn in doing so. Option C has these reversed; whaling attacks depend on the credibility of the business transaction they request. Option D is incorrect as there is a difference between these two attacks.
Lesson: Business Continuity via Information Security and People Power; CIANA at Layer 8 and Above
Exam Objectives: 2. Security Operations and Administration; 2.7. Participate in security awareness and training
Item 7 of 10 (Correct)

Which of the following considers how to keep core business logic and processes operating safely and reliably in the face of disruptive incidents?

A. Business continuity planning (correct)
B. Physical security and safety planning
C. Critical asset protection planning
D. Disaster recovery planning

Explanation

Answer A is correct. Business continuity planning considers how to keep core business logic and processes operating safely and reliably in the face of disruptive incidents. Disaster recovery planning must concern itself with significant loss of life, injury to people, damage to organizational assets (or the property or assets of others), and significant disruption to normal business operations. Critical asset protection planning looks at the protection required for strategic, high-value, or high-risk assets to prevent significant loss of value, utility, or availability of these assets to serve the organization's needs. Physical security and safety planning focuses on preventing unauthorized physical access to the organization's premises, property, systems, and people.
Lesson: Business Continuity via Information Security and People Power; Surviving to Operate: Plan for It!
Exam Objectives: 2. Security Operations and Administration; 2.4. Participate in asset management
Item 8 of 10 (Correct)

Which plan would you expect to be driven by assessments such as SLE (single loss expectancy), ARO (annual rate of occurrence), or ALE (annual loss expectancy)?

A. Risk management plan (correct)
B. Information security incident response plan
C. Contingency operations plan
D. Business continuity plan

Explanation

Answer A is correct. The assessments such as SLE, ARO, or ALE look at the cost and likelihood of loss or impact from a risk; thus, option A is the right place to find them being used as part of the risk management plan. The other answers are incorrect since they are response plans; these should be built to meet the time-based (or data loss-based) assessments, such as recovery time objective, as best as they can.
Lesson: Business Continuity via Information Security and People Power; Cloud-Based "Do-Over" Buttons for Continuity, Security, and Resilience
Exam Objectives: 3. Risk Identification, Monitoring, and Analysis; 3.1. Understand the risk management process
Item 9 of 10 (Correct)

What should be your highest priority as you consider improving the information security of your organization's telephone and voice communication systems?

A. Ensuring that all sensitive information, of any kind, is covered by NDAs (nondisclosure agreements)
B. Having in-depth and current technical knowledge of the systems and technologies being used
C. Understanding the contractual or terms of service conditions, with each provider, as they pertain to information security
D. Ensuring that users, managers, and leaders understand the risks of sharing sensitive information with the wrong parties and that effective administrative controls support everyone in protecting information accordingly (correct)

Explanation

Answer D is correct. You should correctly focus on what people in your organization need to know: how and why to protect the organization, by controlling what they say to others. Option B is not correct; most of the risk is in what people say to each other over these systems, and technical controls can do little to mitigate this. Option C is incorrect; the service provider has no role in how you keep your people from saying the wrong things to the wrong parties. Option A is incorrect; a signed NDA may make the employee signing it aware of the restrictions, and provide authority for sanctions (such as litigation, termination, etc.), but it doesn't help operationally in achieving information security.
Lesson: Business Continuity via Information Security and People Power; CIANA at Layer 8 and Above
Exam Objectives: 2. Security Operations and Administration; 2.5. Implement security controls and assess compliance
Item 10 of 10 (Correct)

Which term is defined as the fraction of the value of an asset, a process, or an outcome that will be lost from a single occurrence of the risk event?

Explanation

Answer D is correct. The exposure factor (EF) is the fraction of the value of an asset, a process, or an outcome that will be lost from a single occurrence of the risk event. The annual rate of occurrence (ARO) is the anticipated number of times per year that such an event may occur. The safeguard value (SV) is the cost to install, activate, and use the risk mitigation controls that provide protection from the impact of this risk event. The maximum allowable outage (MAO) is the greatest time period that business operations can be allowed to be disrupted by the risk event.
Lesson: Business Continuity via Information Security and People Power; Cloud-Based "Do-Over" Buttons for Continuity, Security, and Resilience
Exam Objectives: 3. Risk Identification, Monitoring, and Analysis; 3.1. Understand the risk management process