ADAM, an employee from a multinational company, uses his company’s accounts to send e-mails to a third party with their spoofed mail address. How can you categorize this type of account?
A. Inappropriate usage incident
B. Unauthorized access incident
C. Network intrusion incident
D. Denial of Service incident
Inappropriate usage incident
Identify a standard national process which establishes a set of activities, general tasks and a management structure to certify and accredit systems that will maintain the information assurance (IA) and security posture of a system or site.
A. NIASAP
B. NIAAAP
C. NIPACP
D. NIACAP
NIACAP
According to the Fourth Amendment of USA PATRIOT Act of 2001, if a search does NOT violate a person’s “reasonable” or “legitimate” expectation of privacy, then it is considered:
A. Constitutional/ Legitimate
B. Illegal/ illegitimate
C. Unethical
D. None of the above
Constitutional/ Legitimate
The leftover risk after implementing a control is called:
A. Residual risk
B. Unaccepted risk
C. Low risk
D. Critical risk
Residual risk
When an employee is terminated from his or her job, what should be the next immediate step taken by an organization?
A. All access rights of the employee to physical locations, networks, systems, applications and data should be disabled
B. The organization should enforce separation of duties
C. The access requests granted to an employee should be documented and vetted by the supervisor
D. The organization should monitor the activities of the system administrators and privileged users who have permissions to access the sensitive information
All access rights of the employee to physical locations, networks, systems, applications and data should be disabled