首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
The following scenario applies to questions 29, 30, and 31. Barry has just been hired as the company security officer at an inte
The following scenario applies to questions 29, 30, and 31. Barry has just been hired as the company security officer at an inte
admin
2013-12-19
78
问题
The following scenario applies to questions 29, 30, and 31.
Barry has just been hired as the company security officer at an international financial institution. He has reviewed the company’s data protection policies and procedures. He sees that the company stores its sensitive data within a secured database. The database is located in a network segment all by itself, which is monitored by a network-based intrusion detection system. The database is hosted on a server kept within a server room, which can only be accessed by personnel with the correct PIN value and smart card. Barry finds that the sensitive data backups are not being properly secured and requests that the company implement a secure courier service that moves backup tapes to a secured location. His management states that this option is too expensive, so Barry implements a local hierarchy storage management system that properly protects the sensitive data.
Which of the following best describes the control types the company originally had in place?
选项
A、Administrative preventive controls are the policies and procedures. Technical preventive controls are securing the system, network segmentation, and intrusion detection system. Physical detective controls are the physical location of the database and PIN and smart card access controls.
B、Administrative preventive controls are the policies. Technical preventive controls are securing the system and intrusion detection system. Physical preventive controls are the physical location of the database and PIN and smart card access controls.
C、Administrative corrective controls are the policies and procedures. Technical preventive controls are securing the system, network segmentation, and intrusion detection system. Physical preventive controls are the physical location of the database and PIN
D、Administrative preventive controls are the policies and procedures. Technical preventive controls are securing the system and network segmentation. The technical detective control is the intrusion detection system. Physical preventive controls are the phy
答案
D
解析
D正确。行政预防控制指的是政策和过程。技术预防控制是为了确保系统和网络部门的安全。技术检测控制指的是入侵检测系统,物理预防控制指的是数据库、PIN和智能卡访问控制的物理位置。
A不正确。因为入侵检测系统不是一种预防控制,这是一个检测控制的例子。保证恰当的预防控制和检测控制至关重要。
B不正确。因为这个选项是一个行政防御控制,它没有提到过程。这个答案也错误地将入侵检测系统描述为预防控制,而不是检测控制。
C不正确。因为这个答案错误地将入侵检测系统描述为一组预防控制,而不是检测控制。这个答案也描述了政策和过程是矫正控制,但是它们是预防控制。
转载请注明原文地址:https://kaotiyun.com/show/FNhZ777K
0
CISSP认证
相关试题推荐
AsformercolonistsofGreatBritain,theFoundingFathersoftheUnitedStatesadoptedmuchofthelegalsystemofGreatBritai
Individualsandbusinesseshavelegalprotectionforintellectualpropertytheycreateandown.Intellectualproper【C1】______fro
RoboticHighwayConesAUniversityofNebraskaprofessorhasdevelopedroboticconesandbarrels.____41____Theycanevenbe
About3billionpeoplelivewithin100milesofthesea,anumberthatcoulddoubleinthenextdecadeashumansflocktocoasta
[A]Whattodoasastudent?[B]Variousdefinitionsofplagiarism[C]Ideasshouldalwaysbesourced[D]Ignorancecanbeforgi
VirtualDriverDrivinginvolvessharpeyesandkeenears,analyzingwithabrain,andcoordinationbetweenhands,feetandb
APerpetualMotionMachineisafascinatingandlong-discussedtopicthatmoveswellbeyondthescopeofphysics.Inshort,Ape
Fewthingssay"forgetI’mhere"quitesoeloquentlyastheposeoftheshy—theavertedgaze,thehunchedshoulders,thebodypi
[A]Developmentwelcomedbycityplanners[B]Reduceddemandsonspaceandenergy[C]Plansforfuturehomes[D]Worldwideexamp
Twentyyearsagoadebateeruptedaboutwhethertherewerespecific"Asianvalues".Butamoreintriguing,iflessnoticed,arg
随机试题
训练x线球管的目的是
植物新品种一经审定通过,就获得了终生受保护的权利。
“p或者q”是_______的逻辑形式。
女患,15岁,以“面部红斑、双手关节肿痛伴间断发热2年”来诊。查体:体温38.7℃,面颊及鼻部见蝶型红斑,双下肢散在小出血点,双眼睑水肿,心肺无异常,双手关节肿胀。化验:血常规白细胞4.0×109/L,血红蛋白85g/L,血小板6.5×109/L;尿常规蛋
A.独活寄生汤B.四妙丸C.肾著汤D.肾气丸E.左归丸
亡阴证的临床表现通常不见
某食品厂为增值税小规模纳税人,2020年5月销售糕点一批,取得含税销售额400000元,经主管税务机关核准初次购进增值税税控专用设备一台,取得的增值税专用发票注明价税合计1800元。该食品厂当月应纳增值税()元。
某位于市区的外贸公司(增值税一般纳税人)2016年进口一批应征消费税的货物,到岸价为120000欧元,另支付包装费4050欧元、港口到厂区公路运费5000元人民币。已知当期汇率1欧元=8元人民币,关税税率28%,消费税税率30%,则该公司进口环节应纳各项税
公安机关人民警察内务建设的任务之一,建立规范的工作、学习、生活秩序主要是指()。
Untilmodemtimes,atripwasoftenalonganddifficult【B1】______.Travelingbyhorseorcameloronfootwasslowandoften【B
最新回复
(
0
)