CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
1. You have been asked to document the different threats to an internal file server. As part of that documentation, you need toinclude the monetary impact of each threat occurrence. What should you do?
A) Determine the ARO for each threat occurrence.
B) Determine the ALE for each threat occurrence.
C) Determine the EF for each threat occurrence.
D) Determine the SLE for each threat occurrence.
2. Your company has decided to deploy network access control (NAC) on the enterprise to ensure that all devices comply withcorporate security policies. Which of the following should be done first?
A) Develop the policy for NA
B) Implement NA
C) Develop the process for NA
D) Develop the procedures for NA
3. Which of the following is a standard that the security automation community uses to enumerate software flaws and configuration issues?
A) SCAP
B) OWASP
C) CANVAS
D) SIEM
4. Which of the following is most likely to be affected by the Sarbanes-Oxley (SOX) Act?
A) retail company
B) federal contracting company
C) healthcare company
D) publicly traded corporation
5. Which IPv4-to-IPv6 transition mechanism assigns addresses and creates host-to-host tunnels for unicast IPv6 traffic when IPv6hosts are located behind IPv4 network address translators?
A) GRE tunnels
B) Teredo
C) 6to4
D) dual stack
A) Determine the ARO for each threat occurrence.
B) Determine the ALE for each threat occurrence.
C) Determine the EF for each threat occurrence.
D) Determine the SLE for each threat occurrence.
2. Your company has decided to deploy network access control (NAC) on the enterprise to ensure that all devices comply withcorporate security policies. Which of the following should be done first?
A) Develop the policy for NA
B) Implement NA
C) Develop the process for NA
D) Develop the procedures for NA
3. Which of the following is a standard that the security automation community uses to enumerate software flaws and configuration issues?
A) SCAP
B) OWASP
C) CANVAS
D) SIEM
4. Which of the following is most likely to be affected by the Sarbanes-Oxley (SOX) Act?
A) retail company
B) federal contracting company
C) healthcare company
D) publicly traded corporation
5. Which IPv4-to-IPv6 transition mechanism assigns addresses and creates host-to-host tunnels for unicast IPv6 traffic when IPv6hosts are located behind IPv4 network address translators?
A) GRE tunnels
B) Teredo
C) 6to4
D) dual stack
1. Right Answer: D
Explanation: SLE indicates the monetary impact of each threat occurrence. ARO is the estimate of how often a given threat might occur annually. ALE is the expected risk factor of an annual threat event. EF is the percent value or functionality of an asset that will be lost when a threat event occurs.
2. Right Answer: A
Explanation: First, you should develop the policy for NAC. A policy should be written first, and then the process, and then the procedures.
3. Right Answer: A
Explanation: Security Content Automation Protocol (SCAP) is a standard that the security automation community uses to enumerate software flaws and configuration issues. It standardized the nomenclature and formats used. A vendor of security automation products can obtain a validation against SCAP, demonstrating that it will interoperate with other scanners and express the scan results in a standardized way.
4. Right Answer: D
Explanation: A publicly traded corporation is most likely to be affected by the Sarbanes-Oxley (SOX) Act.
5. Right Answer: B
Explanation: Teredo assigns addresses and creates host-to-host tunnels for unicast IPv6 traffic when IPv6 hosts are located behind IPv4 network address translators.
Explanation: SLE indicates the monetary impact of each threat occurrence. ARO is the estimate of how often a given threat might occur annually. ALE is the expected risk factor of an annual threat event. EF is the percent value or functionality of an asset that will be lost when a threat event occurs.
2. Right Answer: A
Explanation: First, you should develop the policy for NAC. A policy should be written first, and then the process, and then the procedures.
3. Right Answer: A
Explanation: Security Content Automation Protocol (SCAP) is a standard that the security automation community uses to enumerate software flaws and configuration issues. It standardized the nomenclature and formats used. A vendor of security automation products can obtain a validation against SCAP, demonstrating that it will interoperate with other scanners and express the scan results in a standardized way.
4. Right Answer: D
Explanation: A publicly traded corporation is most likely to be affected by the Sarbanes-Oxley (SOX) Act.
5. Right Answer: B
Explanation: Teredo assigns addresses and creates host-to-host tunnels for unicast IPv6 traffic when IPv6 hosts are located behind IPv4 network address translators.
0 Comments
Leave a comment
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
