Multiple choice. Please give a brief explanation for your answers.
QUESTION 1
PART A
An organization decided to implement an education program using
role-based training, and wants to ensure that each role gets the
necessary training based on the role. Which of the following best
describes the responsibilities of data owners and indicates what
training they need?
A) Ensuring data is backed up in accordance with the data
policy.
B) Ensuring data is classified and labeled correctly.
C) Complying with laws related to privacy.
D) Understanding common threats, such as malware and phishing
attacks.
PART B
Separation of duties (SoD) is a key concept of internal
controls. Indicate two best answers from the following list that
are elements of SoD.
A) Individuals rotate security-related duties so that no one person
is permanently responsible for a sensitive function.
B) Includes two-man and dual operator controls.
C) Operators maintain an arm's-length relationship with security
controls.
D) Continuous retraining of personnel.
E) Ensures that no one person can compromise the whole system.
Answer 1:
B) Ensuring data is classified and labeled correctly.
If the data is classified, it will be easy and accurate to identify the users' roles so that we can provide them exactly the training they need.
Answer 2:
B) Includes two-man and dual operator controls.
E) Ensures that no one person can compromise the whole system.