Nt2580 Essay example
1. Which of the following is an action that could damage an asset? -Threat - Any action that could damage an asset.
2. Which law requires all types of financial institutions to protect customers’ private financial information? -Gramm-Leach Bliley Act(GLBA - Passed in 1999,
3. An AUP is part of a layered approach to security, and it supports confidentiality. What else supports confidentiality? Protecting Private Data - The process of ensuring data confidentiality.
4. Which of the following is a detailed written definition of how software and hardware are to be used?
-Standard - A detailed written definition for hardware and software and how it is to be used.
5. Which of the …show more content…
13. Which of the following is a type of authentication? - Authentication Types - Knowledge, ownership, characteristics
14. Identify an example of an access control formal model. - Formal Models Of Access - Discretionary access control (DAC) - The owner of a resource decides who gets in, and changes permissions as needed. The owner can give that job to others.
15. Which of the following access control models is based on a mathematical theory published in 1989 to ensure fair competition? - Brewer and Nash Integrity Model - based on a mathematical theory published in 1989 to ensure fair competition.
16. Which of the following are primary categories of rules that most organizations must comply with? -Two levels of Organizational Compliance - Regulatory Compliance, Organizational Compliance
17. Which of the following is not a part of an ordinary IT security policy framework? - IT Security Policy - A security framework addresses these directives through policies and their supporting elements, such as standards, procedures, baselines, and guidelines.
18. Which of the following helps you determine the appropriate