There is a three tiered approach to Defense Contract Management

Added on - 22 Sep 2019

1. There is a three-tiered approach to Defense Contract Management Agency (DCMA) cybersecurity risk management. TRUE

2. There is no one correct set of security controls that addresses all organizational security concerns in all situations. FALSE

3. Masquerading or spoofing, an impersonation of one entity by another, is a form of both deception and usurpation. TRUE

4. Availability assures that systems work promptly and service is not denied to authorized users. TRUE

5. Information Assurance (IA) and Information Security refer to the same issue and are used interchangeably. FALSE

6. The more critical a component or service, the higher the level of availability required. TRUE

7. Which of the following is not part of SNIA's Common Security Frameworks?
A. Federal Financial Institutions Examination Council (FFIEC)
B. National Institute of Standards and Technology (NIST), Recommended Security Controls for Federal Information Systems (Special Publication 800-53)
C. Trusted Computer System Evaluation Criteria (Orange Book)
D. IT Governance Institute (ITGI), Control Objectives for Information and related Technology (COBIT) Version 4.1

8. SNIA's Security Paradigm consists of ------------ principles.
A. 4
B. 9
C. 10
D. 5

9. Which of the following is not one of SNIA's approaches to applying security principles?
A. Security by obscurity strategy
B. The perimeter defense strategy
C. Defense in depth strategy
D. Application of technology strategy

10. The weakest link in security is the ---------------.
A. Human element
B. Technology element
C. Implementation element
D. Policy element

11. In FIPS PUB 200, the minimum security requirements cover -------------
A. Eight security-related areas for protecting the CIA of federal information systems
B. Ten security-related areas for protecting the CIA of federal information systems
C. Seventeen security-related areas for protecting the CIA of federal information systems
D. Fourteen security-related areas for protecting the CIA of federal information systems

12. What is the primary goal of risk management?
A. To produce a 100-percent risk-free environment
B. To guide budgetary decisions
C. To reduce risk to an acceptable level
D. To provide an asset valuation for insurance

13. Vulnerabilities and risks are evaluated based on their threats against which of the following?
A. One or more of the CIA Triad principles
B. Data usefulness
C. Due care
D. Extent of liability