• Question 11 Passwords and biometrics are most closely associated with which of the
following?
• Question 12 Policies and procedures differ in that policies are ________ and procedures are
__________.
• Question 13 Which of the following is optional, and sets the parameters within which the
others can be used?
• Question 14 A backup generator is an example of which type of security control?
• Question 15 What does "tone at the top" refer to?
• Question 16 Log monitoring and review is an example of which type of security control?
• Question 17 A(n) _______ is a confirmed event that compromises the confidentiality,
integrity, or availability of information.
• Question 18 Which of the following is a physical control?
• Question 19 Which of the following is not a generally accepted principle for implementing a
security awareness program?
• Question 20 In which domain is virtual private networking a security control?
• Question 21 You are on the West Coast but want to connect to your company's intranet on
the East Coast. You use a program to "tunnel" through the Internet to reach the intranet. Which
technology are you using?
• Question 22 You swipe your finger over your laptop's fingerprint reader to unlock the
computer. Which type of authentication method are you using?
• Question 23 Authentication and encryption of intranet traffic is a _______ Domain issue.
• Question 24 In which IT domain do service level agreements help ensure the reliability and
speed of a network connection?
• Question 25 In the Workstation Domain, ____________ is the best method of reducing the
risk of information leakage.
• Question 26 In Kotter's change model, in which step does the ISO tune the message so the
value of implementing the policy makes sense?
• Question 27 In Kotter's change model, which of the following is true as part of Step 1: Create
urgency?