CIS 462 Final Exam (2 Set) CIS 462 Final Exam (2 Set) | Page 7
• Question 5 The primary objective of a security awareness program is to _________.
• Question 6 What is a common consequence of failing to adhere to an acceptable use policy
(AUP)?
• Question 7 What is a benefit of instructor-led classroom training for security awareness?
• Question 8 Which of the following is generally not a part of a security awareness
communications plan?
• Question 9 Which of the following methods is used to track compliance?
• Question 10 Which organization maintains the Common Vulnerabilities and Exposures (CVE)
list?
• Question 11 Best practices for IT security policy compliance monitoring includes
___________.
• Question 12 Three major components of the ITIL life cycle are service transition, service
operation, and service _________.
• Question 13 You want to identify active hosts on a network, detect open ports, and
determine the operating system in use on servers. Which is the best tool to use?
• Question 14 Nessus® is a type of _______________.
• Question 15 Your company wants to minimize the risk of its employees sharing confidential
company information via e-mail. What is the best tool to use to minimize this risk?
• Question 16 Which organizational committee ensures that an external service provider is
meeting the service level agreement (SLA) in the contract?
• Question 17 ___________ is/are key to security policy enforcement.
• Question 18 In a large organization, what is the name of the entity that reviews technology
activity and provides approvals before a project or activity can proceed to the next stage?
• Question 19 When monitoring an employee's Internet use, which of the following can
potentially violate an employee's rights?
• Question 20 What is the name of a common control that is used across a significant
population of systems, applications, and operations?
• Question 21 Which of the following is a manual control for enforcing security policies?Before
an incident can be declared, the IRT must develop an incident ________ for incident response.