SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Domain2 Compliance And Organization Security
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 47 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Important principles governing the collection - preservation - and access of digital data.
well documented paper records
Hard drive
An agreement between two companies to store each others data
The process of seizing - accessing - storing - or transferring digital evidence should be fully documented and made available for review - Only copies of evidence should be manipulated or analyzed whenever possible - Any investigation and analysis p
2. This identifies a policy that addresses how to deal with a security incident after that incident has happened?
Incident response policy
the data and memory on the system
Water - Soda acid
a regular backup strategy
3. The forensic investigators should avoid _____________ where potential evidence is concerned.
running programs that modify files
Acceptable use policy
Cold site
Biometric lock
4. This represents a backup site that is partially configured with some equipment
accuracy of the information maintained by the security department
legitimate use of system accounts
Warm site
Cable trap
5. Biometric security systems are...
Natural - External - Human induced accidents - Armed conflict
high in cost - and hard to implement
delegating
Cold site
6. Recommended fire suppression methods for common combustibles
shutting down the affected system
Water - Soda acid
a regular backup strategy
delegating
7. A backup site that contains only basic computing environments such as wiring - ventilation - and flooring.
Cold site
Acceptable use policy
accuracy of the information maintained by the security department
Water - Soda acid
8. With respect to the volatility of evidence - the least volatile area of the system.
Natural - External - Human induced accidents - Armed conflict
Hard drive
well documented paper records
Acceptable use policy
9. Examples of events that could be classified as potential threats to your network
Loss of power - Tornado - Terrorism - Hijacking
The process of seizing - accessing - storing - or transferring digital evidence should be fully documented and made available for review - Only copies of evidence should be manipulated or analyzed whenever possible - Any investigation and analysis p
Volatility - Susceptible to tampering
incident response policy
10. The use of __________ should be evaluated when considering natural disaster safeguards.
accuracy of the information maintained by the security department
lightning rods
An agreement between two companies to store each others data
Computer forensics
11. Educating users about the ___________ should be part of any user security training package.
validate the authenticity of their evidence
legitimate use of system accounts
Hot site
It must be handled properly
12. Example of the concept of a reciprocal backup agreement?
Loss of power - Tornado - Terrorism - Hijacking
An agreement between two companies to store each others data
Cold site
validate the authenticity of their evidence
13. Disasters can be broadly classified into these categories...
lightning rods
Cable trap
Natural - External - Human induced accidents - Armed conflict
running programs that modify files
14. An intrusion detection system is considered an integral part of an...
incident response policy
Piggybacking
accuracy of the information maintained by the security department
technical access control
15. The process of keeping track of all individuals that have accessed the evidence is referred to as...
Cold site
One
Chain of custody
running programs that modify files
16. With respect to the volatility of evidence - represents the most volatile area of the system?
It must be handled properly
Memory
Security policy
RBAC
17. Which process is responsible for recovery of data - and the preservation of digital evidence?
shutting down the affected system
An agreement between two companies to store each others data
Computer forensics
Biometric lock
18. When choosing a site that will be used for storage it is important ________ the environment found at the site used for your daily operations.
Natural - External - Human induced accidents - Armed conflict
legitimate use of system accounts
not to duplicate
RBAC
19. The process of distributing tasks among a number of individuals in order to minimize the effect of employee attrition while also creating a manageable learning curve for new employees is known as...
legitimate use of system accounts
delegating
accuracy of the information maintained by the security department
Water - Soda acid
20. When access to services or resources are organized by using rules - which access control model is being used?
Argon
RBAC
legitimate use of system accounts
An agreement between two companies to store each others data
21. The recommended fire suppression method for an electrical fire
Piggybacking
physical surveillance methods
not to duplicate
Argon
22. When any incident is detected - _____________ is not onsidered a best practice in order to maintain security.
shutting down the affected system
Cable trap
validate the authenticity of their evidence
physical surveillance methods
23. A characteristic of Digital evidence
lightning rods
delegating
One
Volatility - Susceptible to tampering
24. Ventilation can be considered a category of...
Hot site
Piggybacking
technical access control
Natural - External - Human induced accidents - Armed conflict
25. Necessary when handling digital evidence in order for it to be admissible in court?
the data and memory on the system
It must be handled properly
Loss of power - Tornado - Terrorism - Hijacking
delegating
26. An effective disaster recovery plan for a small company could be as simple as...
due care
Volatility - Susceptible to tampering
Warm site
a regular backup strategy
27. The process of writing information to the security log is known as...
Computer forensics
Logging
An agreement between two companies to store each others data
Argon
28. The accuracy of biometric security systems is dependent in large part on the...
An agreement between two companies to store each others data
Incident response policy
accuracy of the information maintained by the security department
Hot site
29. Digital signatures enable forensic specialists to...
It must be handled properly
One
due care
validate the authenticity of their evidence
30. A lock that secures computer hardware and network devices?
Acceptable use policy
validate the authenticity of their evidence
Device lock
incident response policy
31. Addresses the use of computer equipment and network resources for use that is non-beneficial to the company
An agreement between two companies to store each others data
Acceptable use policy
Incident response policy
Biometric lock
32. An ideal facility would have a secure perimeter and secure access points. What is the recommended number of access points?
Computer forensics
accuracy of the information maintained by the security department
RBAC
One
33. Once an incident has been contained it will be necessary to...
eradicate any causes of the incident
Logging
incident response policy
shutting down the affected system
34. Which door lock type is considered most secure?
Biometric lock
It must be handled properly
high in cost - and hard to implement
due care
35. System security scans should be performed by in-house staff...
Chain of custody
Hot site
as well as security consultants
Security policy
36. The process of identifying assets - determining their value - and then determining possible threats to those assets is referred to as...
Hot site
Risk management
delegating
incident response policy
37. The practice of an unauthorized individual gaining access to a facility by following closely behind an authorized employee is known as...
Piggybacking
Security policy
Logging
due care
38. When collecting evidence - the 'state' of a crime scene should not be modified. This includes both...
Cold site
incident response policy
the data and memory on the system
Natural - External - Human induced accidents - Armed conflict
39. A lock that covers the expansion slots on computer devices
Piggybacking
Volatility - Susceptible to tampering
Slot lock
Biometric lock
40. A security guard is instrumental in deploying...
Security policy
physical surveillance methods
incident response policy
RBAC
41. The least expensive solution for an alternative backup site?
well documented paper records
RBAC
Hot site
Cold site
42. Locks that use a physical lock and key
Cold site
Logging
accuracy of the information maintained by the security department
Preset lock
43. It is extremely important to have your disaster recovery plan including __________ stored in a safe place.
Incident response policy
a regular backup strategy
Argon
well documented paper records
44. This identifies a device lock that prevents unauthorized removal of cables from computer devices?
validate the authenticity of their evidence
Risk management
lightning rods
Cable trap
45. Which choice represents the most expensive solution for an alternative backup site?
The process of seizing - accessing - storing - or transferring digital evidence should be fully documented and made available for review - Only copies of evidence should be manipulated or analyzed whenever possible - Any investigation and analysis p
Computer forensics
Hot site
due care
46. Represents that an organization is responsibly managing it's data and security
lightning rods
Volatility - Susceptible to tampering
Piggybacking
due care
47. A general statement produced by senior management and the technology department to dictate what security means to the organization?
Slot lock
Security policy
The process of seizing - accessing - storing - or transferring digital evidence should be fully documented and made available for review - Only copies of evidence should be manipulated or analyzed whenever possible - Any investigation and analysis p
delegating
