How JustAnswer Works:
  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site. Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.
Ask Scott Your Own Question
Scott, MIT Graduate
Category: Homework
Satisfied Customers: 3040
Experience:  MIT Graduate (Math, Programming, Science, and Music)
Type Your Homework Question Here...
Scott is online now
A new question is answered every 9 seconds

CO 1) Which of the following should not be the basis policy?

Customer Question

CO 1) Which of the following should not be the basis for security policy? (Points : 5)
Corporate directives
Corporate needs
Vendor documentation
Situation awareness reporting
Question 2.2. (TCO 2) The IISSCC divides controls into 10 _____, while NIST organizes controls into three _____ and 17 _____. (Points : 5)
domains, classes, families
domains, controls, families
families, controls, classes
domains, families, classes
controls, domains, families
Question 3.3. (TCO 2) What are the pillars of security? (Points : 5)
Confidentiality, integrity, and availability
Detection, prevention, and recovery
People, process, and technology
Administration, technology, and operation
Question 4.4. (TCO 3) Security management should ensure that policies established for information security distinguish the _____ of assets, organize people by _____, and manage _____ because that is the enemy of security. (Points : 5)
people, separation of duties, technology
sensitivity, separation of duties, complexity
technologies, importance, people
taxonomy, separation of duties, complexity
labels, accounts, complexity
Question 5.5. (TCO 4) "There shall be a way for an individual to correct information in his or her records" is a clause that might be found in a _____. (Points : 5)
code of ethics
corporate policy
fair information practices statement
Any of the above
Question 6.6. (TCO 5) Security models are _____ that are used to _____ ideas, and are not meant to be _____. (Points : 5)
solutions, implement, abstractions
abstractions, evaluate, solutions
abstractions, implement, solutions
solutions, document, abstractions
documents, implement, solutions
Question 7.7. (TCO 6) Many believe that the most important physical security control is _____. (Points : 5)
closed-circuit television
a good security plan
an educated workforce
certified security staff
Question 8.8. (TCO 7) The mission of the security operations center might best be described as _____. (Points : 5)
continuous monitoring
maintaining the known good state
policy enforcement
reporting to management
configuration management
Question 9.9. (TCO 8) Alternate sites used in disaster recovery would normally not include which of the following? (Points : 5)
Hot site
Cold site
Warm site
Shared site
Alternate site
Question 10.10. (TCO 9) Mandatory access control uses labels and rules to mediate access to _____ by _____. (Points : 5)
objects, subjects
files, people
computer cycles, applications
information assets, people
information assets, network devices
Question 11.11. (TCO 10) As a generalization, symmetric cryptography is used to encrypt _____, and asymmetric cryptography is used to encrypt _____. (Points : 5)
messages, identities
data, identities
data, signatures
data, messages
messages, signatures
Question 12.12. (TCO 10) In a given city, there are a group of people who wish to communicate through the use of asymmetric cryptography. They do not wish to work with any type of certificate authority. Given this information, how would this be accomplished? (Points : 5)
Internal certificate authority
Private extranet
Public VPN provider
IPSec tunnels
Utilize PGP
Question 13.13. (TCO 11) A bastion host can be used as an application-level gateway or a circuit-level gateway (or both) because it implements application-specific _____. (Points : 5)
Question 14.14. (TCO 12) In addition to normal functional and assurance bugs, intrusion detection is subject to two kinds of errors called _____ and _____. (Points : 5)
type a, type b
false positive, false negative
hardware, software
functional, assurance
performance, availability
Question 15.15. (TCO 13) All of the following are obscure reasons why distributed systems are more prevalent now than in the past, expect for which one? (Points : 5)
Improved performance
Increased availability
Greater versatility
Efficient business models
Submitted: 1 year ago.
Category: Homework
Expert:  HomeworkPete replied 1 year ago.

Hi Jessica,

When do you need these by?

Customer: replied 1 year ago.

End of day today

Expert:  HomeworkPete replied 1 year ago.

Ok, I will check if another expert can assist with this...

Expert:  Mr. Gregory White replied 1 year ago.

This just popped into my system. Still needed or too late at this point? Let me know.


Customer: replied 1 year ago.

Too late

Expert:  Mr. Gregory White replied 1 year ago.

So sorry about that - have a great week!