Nt2580 Essay example
1. Which of the following is an action that could damage an asset?
-Threat - Any action that could damage an asset.
2. Which law requires all types of financial institutions to protect customers’ private financial information?
-Gramm-Leach Bliley Act(GLBA - Passed in 1999,
3. An AUP is part of a layered approach to security, and it supports confidentiality. What else supports confidentiality?
Protecting Private Data - The process of ensuring data confidentiality.
4. Which of the following is a detailed written definition of how software and hardware are to be used?
-Standard - A detailed written definition for hardware and software and how it is to be used.
5. Which of the …show more content…
- Logical access control - These control access to a computer system or network.
13. Which of the following is a type of authentication?
- Authentication Types - Knowledge, ownership, characteristics
14. Identify an example of an access control formal model.
- Formal Models Of Access - Discretionary access control (DAC) - The owner of a resource decides who gets in, and changes permissions as needed. The owner can give that job to others.
15. Which of the following access control models is based on a mathematical theory published in 1989 to ensure fair competition?
- Brewer and Nash Integrity Model - based on a mathematical theory published in 1989 to ensure fair competition.
16. Which of the following are primary categories of rules that most organizations must comply with?
-Two levels of Organizational Compliance - Regulatory Compliance, Organizational Compliance
17. Which of the following is not a part of an ordinary IT security policy framework?
- IT Security Policy - A security framework addresses these directives through policies and their supporting elements, such as standards, procedures, baselines, and guidelines.
18. Which of the following helps you determine the appropriate…