devry sec440 week 6 quiz by paula | Jun 5, 2025 | Urban Planning and Policy 1. (TCO 6) An employee who fails to report a suspected security weakness (Points : 4) is doing his or her job. will not be punished. will be treated the same as if he or she had initiated a malicious act against the company. is making sure not to aggravate the situation by making a mistake. Question 2. 2. (TCO 7) Which of the following is NOT an access control method? (Points : 4) MAC RBAC DAC PAC Question 3. 3. (TCO 8) When is the best time to think about security when writing a new piece of code? (Points : 4) At the end, once all the modules have been written After the users have had a chance to review the application At the beginning of the project After the application has been approved and authorized by the ISO Question 4. 4. (TCO 9) As it pertains to GLBA, what does NPI stand for? (Points : 4) Nonpublic information Nonpublic personal information Nonprivate information Nonprivate personal information Question 5. 5. (TCO 6) The primary antimalware control is (Points : 4) an updated antivirus solution. a firewall. a router. an acceptable use policy. Question 6. 6. (TCO 7) Which is the first target of a hacker who has gained access to an organization’s network? (Points : 4) Log files Sensitive data User accounts Public data Question 7. 7. (TCO 8) Which formal security-related process should take place at the beginning of the code creation project? (Points : 4) Risk assessment Input validation Output validation SQL injection validation Question 8. 8. (TCO 9) Who enforces the GLBA? (Points : 4) Eight different federal agencies and states The FDIC The FFIEC The Secretary of the Treasury Question 9. 9. (TCO 6) The part of the antivirus solution that needs to be updated daily is (Points : 4) the DAT files. central command. the control panel. the engine. Question 10. 10. (TCO 7) All users are expected to keep their password secret, unless (Points : 4) a member of the IT group asks for it. another employee needs to log on as them. d. someone identifying themselves as the ISO asks for it. There is no “unless.” Question 11. 11. (TCO 8) If an employee uses a company-provided application system and finds what he or she thinks is a loophole that allows access to confidential data, that employee should (Points : 4) alert his or her manager and the ISO immediately. verify and test the alleged loophole before alerting anyone. not say anything unless he or she is a member of the incident response team. alert his or her manager whenever he or she happens to have a chance to do so. Question 12. 12. (TCO 9) What do the Interagency Guidelines require every covered institution to implement? (Points : 4) Quarterly risk assessments A biannual review of the disaster recovery plan A comprehensive written information security program A monthly inventory of all information assets Question 13. 13. (TCO 6) Grandfather-father-son is a model used for (Points : 4) antivirus updates. antispyware updates. backup strategies. change control management strategies. Question 14. 14. (TCO 7) Which of the following is the most popular single factor authentication method? (Points : 4) Cameras Biometric devices Tokens Passwords Question 15. 15. (TCO 8) Input validation is (Points : 4) verifying that a piece of code does not have any inherent vulnerabilities. making sure that employees know what information to enter in a new system. testing an application system by entering all kinds of character strings in the provided fields. testing what information an application system returns when information is entered. Order a similar assignment, and have writers from our team of experts write it for you, guaranteeing you an A
