Online Access Free 156-110 Practice Test

A(n) _______________ is an unintended communication path that can be used to violate a system security policy.

• A.Aggregated data set
• B.Integrity axiom
• C.Inferred fact
• D.Covert channel
• E.Simple rule violation

____________________ is the state of being correct, or the degree of certainty a person or process can have, that the data in an information asset is correct.

• A.Availability
• B.Authenticity
• C.Privacy
• D.Confidentiality
• E.Integrity

What type of document contains information on alternative business locations, IT resources, and personnel?

• A.Acceptable use policy
• B.Nondisclosure agreement
• C.End-user license agreement
• D.Business continuity plan
• E.Security policy

ABC Corporation's network is configured such that a user must log in individually at each server and access control. Which type of authentication is in use?

• A.Three-factor authentication
• B.Role-based access control
• C.Mandatory sign-on
• D.Single sign-on
• E.Hybrid access control

Distinguish between the role of the data owner and the role of the data custodian.
Complete the following sentence. The data owner is the:

• A.person or entity responsible for imposing and enforcing policies and restrictions, dictated by the functional user. The data custodian is a person or process who accesses and/or manipulates the information.
• B.department in the organization responsible for the data's physical storage location. The data custodian is anyone who has access the data for any reason.
• C.person or process that originally creates the information. The data custodian is a role that shifts to any person or process currently accessing the data, and passes to the next person or process to access the data.
• D.person or entity who accesses/and or manipulates data or information, in the course of assigned duties. The data custodian is a person or process with the appropriate level of privilege to access the data.
• E.person or entity ultimately responsible for the security of an information asset. The data custodian is the person or entity responsible for imposing and enforcing policies and restrictions, dictated by the data owner.