You are responsible for network and information security at a large hospital. It is a significant concern that any change to any patient record can be easily traced back to the person who made that change. What is this called?

Organizations must assess the safety of their workplaces and consider the ability of a business to continue despite risk impact. When assessing business continuity risks, the HR Professional must consider several different types of disasters, their probability, and impact on an organization. What category of disaster is best described as acts of terrorism, major thefts, sabotage, or labor disputes?

Which of the following components in a TCB acts as the boundary that separates the TCB from the remainder of the system?

Which of the following refers to the ability to ensure that the data is not modified or tampered with?

Which of the following tests activates the total disaster recovery plan?

Which of the following TCB techniques involves viewing system components at a high level and ignoring or segregating its specific details?

Which of the following is a compromise between hot and cold sites?

Which of the following documents is necessary to continue the business in the event of disaster or emergency?

IT Service Continuity Management (ITSCM) is used to support the overall Business Continuity Management (BCM) in order to ensure that the required IT infrastructure and the IT service provision are recovered within an agreed business time scales. Which of the following are the benefits of implementing IT Service Continuity Management?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following strategies is used to minimize the effects of a disruptive event on a

company, and is created to prevent interruptions to normal business activity?

Which of the following phases is the first step towards creating a business continuity plan?

Which of the following processes helps to quantify the impact of potential threats to put a price or value on the cost of lost business functionality?

In risk analysis, which of the following can be identified as a consequence of a disaster?

The Incident handling process implemented in an enterprise is responsible to deal with all the incidents regarding the enterprise. Which of the following procedures will be involved by the preparation phase of the Incident handling process?

Which of the following documents helps disaster recovery team members in getting the alternate sites up and running?

Which of the following security procedures is related to the SDLC's implementation?

Which of the following TCB components is a hardware, firmware, and software element that

implements the reference monitor concept?

You work as a senior project manager in SoftTech Inc. You are working on a software project using configuration management. Through configuration management, you are decomposing the verification system into identifiable, understandable, manageable, traceable units that are known as Configuration Items (CIs). According to you, which of the following processes is known as the

decomposition process of a verification system into Configuration Items?

Which of the following BCP teams is the first responder and deals with the immediate effects of the disaster?

Which of the following defines the communication link between a Web server and Web applications?

Which of the following acts of information security governance affects the financial institutions?

Against which of the following does SSH provide protection?

Each correct answer represents a complete solution. Choose two.

You work as a senior project manager in SoftTech Inc. You are working on a software project using configuration management. Through configuration management, you are decomposing the verification system into identifiable, understandable, manageable, traceable units that are known as Configuration Items (CIs). According to you, which of the following processes is known as the decomposition process of a verification system into Configuration Items?

Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?

Which of the following Tier 1 policies will identify who is responsible for what?

Which of the following documents is necessary to continue the business in the event of disaster or emergency?

Which of the following terms describes the determination of the effect of changes to the

information system on the security of the information system?

Which of the following statements are true about security risks?

Each correct answer represents a complete solution. Choose three.

Which of the following phases involves getting the final senior management signoff and creating enterprise-wide awareness of the plan?

Which of the following methods is a means of ensuring that system changes are approved before being implemented, and the implementation is complete and accurate?

Which of the following sources is the best for developing Recovery Time Objectives (RTO)?

Which of the following processes helps the organization to identify appropriate controls for

reducing or eliminating risk during the risk mitigation process?

Which of the following processes measures the maturity level of the security program?

Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?

Which of the following response teams aims to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing among members and the community at large?

You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer. The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?

Which of the following statements about disaster recovery plan documentation are true? Each correct answer represents a complete solution. Choose all that apply.

Which of the following maturity levels of the software CMM focuses on competent people and

heroics?

Which of the following acts affects all public companies subject to US security laws?

Which of the following security procedures is NOT related to the SDLC's disposition?