Who should DECIDE how a company should approach security and what security measures should be implemented?谁应该决定一个公司应该如何对待安全以及实施什么样的安全措施?()A、Data owner 数据拥有者B、Auditor 审计员C、The information security specialist 信息安全专家D、Senior management 高级管理者

题目

Who should DECIDE how a company should approach security and what security measures should be implemented?谁应该决定一个公司应该如何对待安全以及实施什么样的安全措施?()

  • A、Data owner 数据拥有者
  • B、Auditor 审计员
  • C、The information security specialist 信息安全专家
  • D、Senior management 高级管理者
相似考题

1.In bringing up the concept of GASP the author is making the point that[A] shareholders interests should be properly attended to.[B] information protection should be given due attention.[C] businesses should enhance their level of accounting security.[D] the market value of customer data should be emphasized.

2.Who should measure the effectiveness of Information System security related controls in an organization?在一个组织内,谁应该衡量信息系统安全相关控制的有效性?()A、The local security specialist本地安全专家B、The systems auditor系统审计师C、The central security manager中心安全经理D、The business manager业务经理

3.What is a "system high" security policy?什么是一个“系统高”的安全策略?()A、A system where all users are cleared to view the most highly classified data on the system.系统上的所有用户被许可查看最高级别的数据B、A system that contains only data of one security classification.只包含一个安全级别的数据C、A system with data that contains only data of the highest security classification.只包含最高安全级别的数据D、A system that uses a Multi-Level Security Policy to separate the highly classified data from the other data residing on the system.使用多级安全策略去划分高级别数据和其他数据。

4.( )contributes to monitoring and data collection by defining security monitoring and data collection requirements.A.information continuity management B.information catalogue management C.information security management D.information distribution management

更多“Who should DECIDE how a company should approach security and what security measures should be implemented?谁应该决定一个公司应该如何对待安全以及实施什么样的安全措施?()A、Data owner 数据拥有者B、Auditor 审计员C、The information security specialist 信息安全专家D、Senior management 高级管理者”相关问题

  • 第1题:

    What are two important approaches to communicate when identifying a customer’s security risks? (Choose two.) ()

    • A、 Smaller companies are at less risk than larger enterprises, so their security needs are not as great.
    • B、 Business strategy should directly relate to the security policy and budget.
    • C、 The designated security expert should report to the IT department, since that is where thesolution will be implemented.
    • D、 Security should be a continuous process.
    • E、 Security solutions should come from multiple vendors to make it easier to coordinate security events from the point of origin.

    正确答案:B,D

  • 第2题:

    Which of the following is given the responsibility of the maintenance and protection of the data?下列哪一角色对数据的维护和保护负有责任()

    • A、Security administrator 安全管理员
    • B、Data custodian 数据管理者
    • C、Data owner 数据拥有者
    • D、User 用户

    正确答案:B

  • 第3题:

    The security team has implemented new guidelines on how to handle sensitive information storedon workstations based on a past incident involving information found on donated workstations.Which of the following should be completed by technicians before donating the workstations?()

    • A、Install a new operating system
    • B、Delete users’ data before donation
    • C、Write the drive with 1’s and 0’s three times
    • D、Delete all partitions of the hard drive

    正确答案:C

  • 第4题:

    An administrator was asked to log information on possible security breaches on a server.  To which file should additional entries be added to capture this information()

    • A、/var/adm/sulog
    • B、/etc/syslog.conf
    • C、/etc/security/sysck.cfg
    • D、/etc/security/syslog.conf

    正确答案:B

  • 第5题:

    You need to recommend a solution for managing the address information of the user accounts. The solution must meet the company’s security requirements. What should you include in the recommendation?()

    • A、Active Directory delegation
    • B、Authorization Manager
    • C、built-in security groups
    • D、user rights assignments

    正确答案:A

  • 第6题:

    You work in a company which is named Wiikigo Corp. The company uses SQL Server 2008. You are the administrator of the company database. Now you are in charge of a SQL Server 2008 instance.You must make sure that all SQL Server instances are consistently configured for naming conventions, security settings, force index creation and avoidance of data fragmentation. So what action should you perform to achieve this goal?()  

    • A、You should use the Database Engine Tuning Advisor. 
    • B、In Microsoft SQL Server Management Studio, you should create a maintenance plan 
    • C、You should use the SQL Server Configuration Manager 
    • D、In Microsoft SQL Server Management Studio, you should create a policy

    正确答案:D

  • 第7题:

    多选题
    Which two statements about Cisco Security Management Suite are correct?()
    A

    It should be implemented in a management VLAN.

    B

    Its connection to managed devices should be over a data VLAN.

    C

    It is made up of Cisco Security MARS and Clean Access software.

    D

    It should be deployed as close to the edge of the network as possible.

    E

    It delivers policy administration and enforcement for the Cisco Self-Defending Network.


    正确答案: A,B
    解析: 暂无解析

  • 第8题:

    单选题
    You work in a company which is named Wiikigo Corp. The company uses SQL Server 2008. You are the administrator of the company database. Now you are in charge of a SQL Server 2008 instance.You must make sure that all SQL Server instances are consistently configured for naming conventions, security settings, force index creation and avoidance of data fragmentation. So what action should you perform to achieve this goal?()
    A

    You should use the Database Engine Tuning Advisor. 

    B

    In Microsoft SQL Server Management Studio, you should create a maintenance plan 

    C

    You should use the SQL Server Configuration Manager 

    D

    In Microsoft SQL Server Management Studio, you should create a policy


    正确答案: B
    解析: 暂无解析

  • 第9题:

    单选题
    Who should measure the effectiveness of Information System security related controls in an organization?在一个组织内,谁应该衡量信息系统安全相关控制的有效性?()
    A

    The local security specialist本地安全专家

    B

    The systems auditor系统审计师

    C

    The central security manager中心安全经理

    D

    The business manager业务经理


    正确答案: A
    解析: 暂无解析

  • 第10题:

    多选题
    What are two important approaches to communicate when identifying a customer’s security risks? (Choose two.) ()
    A

    Smaller companies are at less risk than larger enterprises, so their security needs are not as great.

    B

    Business strategy should directly relate to the security policy and budget.

    C

    The designated security expert should report to the IT department, since that is where thesolution will be implemented.

    D

    Security should be a continuous process.

    E

    Security solutions should come from multiple vendors to make it easier to coordinate security events from the point of origin.


    正确答案: A,C
    解析: 暂无解析

  • 第11题:

    单选题
    Who should DECIDE how a company should approach security and what security measures should be implemented?谁应该决定一个公司应该如何对待安全以及实施什么样的安全措施?()
    A

    Data owner 数据拥有者

    B

    Auditor 审计员

    C

    The information security specialist 信息安全专家

    D

    Senior management 高级管理者


    正确答案: D
    解析: 暂无解析

  • 第12题:

    单选题
    Which must bear the primary responsibility for determining the level of protection needed for information systems resources?哪一个角色必须承担决定信息系统资源保护级别的主要责任?()
    A

    IS security specialists IS安全专家

    B

    Senior Management高级管理层

    C

    Senior security analysts高级安全分析师

    D

    systems Auditors系统审计师


    正确答案: C
    解析: 暂无解析

  • 第13题:

    Which two statements about Cisco Security Management Suite are correct?()

    • A、It should be implemented in a management VLAN.
    • B、Its connection to managed devices should be over a data VLAN.
    • C、It is made up of Cisco Security MARS and Clean Access software.
    • D、It should be deployed as close to the edge of the network as possible.
    • E、It delivers policy administration and enforcement for the Cisco Self-Defending Network.

    正确答案:A,E

  • 第14题:

    Which must bear the primary responsibility for determining the level of protection needed for information systems resources?哪一个角色必须承担决定信息系统资源保护级别的主要责任?()

    • A、IS security specialists IS安全专家
    • B、Senior Management高级管理层
    • C、Senior security analysts高级安全分析师
    • D、systems Auditors系统审计师

    正确答案:B

  • 第15题:

    Which of the following security policies is BEST to use when trying to mitigate the risks involved with allowing a user to access company email via their cell phone?()

    • A、The cell phone should require a password after a set period of inactivity.
    • B、The cell phone should only be used for company related emails.
    • C、The cell phone data should be encrypted according to NIST standards.
    • D、The cell phone should have data connection abilities disabled.

    正确答案:A

  • 第16题:

    A system administrator was asked to log information on possible security breaches on a server. Which file should additional entries be added to capture this information?()

    • A、/var/adm/sulog
    • B、/etc/syslog.conf
    • C、/etc/security/sysck.cfg
    • D、/etc/security/login.cfg

    正确答案:B

  • 第17题:

    You need to recommend a management solution for Server1 that meets the company's security  requirements.   What should you include in the recommendation?()

    • A、access-based enumeration (ABE)
    • B、Authentication Mechanism Assurance
    • C、Authorization Manager
    • D、Hyper-V Manager

    正确答案:C

  • 第18题:

    You need to recommend a security strategy for WebApp2 that meets the company’s applicaton  requirements.What should you include in the recommendation?()

    • A、Basic authentication and connection security rules
    • B、Basic authentication and SSL
    • C、Digest authentication and connection security rules
    • D、Digest authentication and SSL

    正确答案:B

  • 第19题:

    单选题
    What is a "system high" security policy?什么是一个“系统高”的安全策略?()
    A

    A system where all users are cleared to view the most highly classified data on the system.系统上的所有用户被许可查看最高级别的数据

    B

    A system that contains only data of one security classification.只包含一个安全级别的数据

    C

    A system with data that contains only data of the highest security classification.只包含最高安全级别的数据

    D

    A system that uses a Multi-Level Security Policy to separate the highly classified data from the other data residing on the system.使用多级安全策略去划分高级别数据和其他数据。


    正确答案: B
    解析: 暂无解析

  • 第20题:

    单选题
    You need to recommend a management solution for Server1 that meets the company's security  requirements.   What should you include in the recommendation?()
    A

    access-based enumeration (ABE)

    B

    Authentication Mechanism Assurance

    C

    Authorization Manager

    D

    Hyper-V Manager


    正确答案: B
    解析: 暂无解析

  • 第21题:

    单选题
    The Ship Security Plan should indicate the operational and physical () the ship itself should take to ensure it always operates at security level 1.
    A

    precaution measures

    B

    safety measures

    C

    security measures

    D

    emergency response measures


    正确答案: D
    解析: 暂无解析

  • 第22题:

    单选题
    According to the ISPS Code, for a sailing ship, the following except()should be onboard.
    A

    a ship security plan

    B

    a ship security officer

    C

    a company security officer

    D

    certain onboard equipments


    正确答案: D
    解析: 暂无解析

  • 第23题:

    单选题
    Stephen Smith feels that
    A

    the security of information on the network used to be a worry.

    B

    all the data should be stored on the same system.

    C

    the company’s computer-based information is well-protected.


    正确答案: C
    解析:
    倒数第二段讲到了系统的安全问题。Smith说到,他们在他们自己内部的安全系统里运行这个软件,数据是在一个特殊的“sandbox”,而这个“sandbox”是与剩余的系统分开的。由此可知,公司的计算机信息是受到良好保护的,所以选C。

相关内容