Chapter 1 Information Security

1. Information security is specific to securing information, whereas information systems security is focused on the security if the systems that house the information. A. True 2. Software manufactures limit their liability when selling software using which of the following? A. End User licensing agreements. 3. The ________ tenet of the information systems security is concerned with the recovery time objective. C. Availability 4. Encrypting data on storage devices or hard drives is a main strategy to ensure data integrity. B.False 5. Organizations that require customer service representatives to access private customer data can best protect customer privacy and make it easy to access other customer data by using which of the following security controls? B. Blocking out customer private data details and allowing access only to the last four digits of Social Security numbers or account numbers. 6. The ________ is the weakest link in an IT infrastructure? E. User Domain 7. Which of the following security controls can help mitigate malicious e-mail attachments? E. All the above. 8. You can help ensure confidentiality by implementing ___________. D. A virtual private network for remote access. 9. Encrypting email communications is needed if you are sending confidential information within an email message through the public Internet. A. True 10. Using security policies, standards, procedures, and guidelines helps organizations decrease risk and threats. A. True 11. A data classification standard is usually apart of which policy definition? A. Asset protection policy. 12. The SSP professional certification is geared toward which of the following information systems security positions? A. IT security practitioner. 13. Maximizing availability primarily involves minimizing ___________. E. All the above. 14. Which of the following is not a U.S. compliance law or act? D. PCI DSS 15.