Question 1

Why shouldn't information about specific systems be included in a job description?&#10;A) To make sure candidates know all systems&#10;B) To protect against social engineering and other attacks&#10;C) To get as many candidates as possible&#10;D) To get more knowledgeable candidates

Accepted Answer

Including specific system information in job descriptions can inadvertently provide potential attackers with valuable information, making the organization more vulnerable to social engineering and other types of cyber attacks.

Question 2

During what step of the employee life cycle are employees added to the organization's benefit system?&#10;A) Recruitment&#10;B) Onboarding&#10;C) User provisioning&#10;D) Orientation

Accepted Answer

Onboarding is the step in the employee life cycle where new hires are integrated into the organization, which typically includes adding them to the organization's benefit system.

Question 3

Which of the following is part of the user provisioning phase of the employee life cycle?&#10;A) The employee is added to the organization's payroll.&#10;B) The employee is provided with a username or smart card.&#10;C) A background check is conducted for the employee.&#10;D) The employee expectations of privacy are determined.

Accepted Answer

During the user provisioning phase of the employee life cycle, employees are typically provided with the necessary credentials and access to systems they need to perform their jobs. This includes being given a username or smart card for system access.

Question 4

Which of the following steps of the employee life cycle is considered the most dangerous?&#10;A) Termination&#10;B) Onboarding&#10;C) Recruitment&#10;D) User provisioning

Accepted Answer

Termination is considered the most dangerous step in the employee life cycle because it can lead to potential security risks or retaliatory actions by the departing employee, such as data theft, sabotage, or other malicious activities.

Question 5

Which of the following best describes the purpose of security awareness?&#10;A) To teach skills that would allow a person to perform a certain function&#10;B) To focus attention on security&#10;C) To integrate all the security skills and competencies into a common body of knowledge&#10;D) To involve management in the process

Accepted Answer

Security awareness primarily aims to focus attention on security, ensuring that individuals are aware of the importance of protecting information and resources.

Question 6

Which stage of the employee life cycle includes all the processes leading up to and including the hiring of a new employee?&#10;A) Onboarding&#10;B) Career development&#10;C) Recruitment&#10;D) Orientation

Accepted Answer

Recruitment is the stage in the employee life cycle that encompasses all activities related to attracting, selecting, and hiring new employees.

Question 7

Which of the following best describes the purpose of security training?&#10;A) To teach skills that would allow a person to perform a certain function&#10;B) To focus attention on security&#10;C) To integrate all the security skills and competencies into a common body of knowledge&#10;D) To involve management in the process

Accepted Answer

The answer of Which of the following best describes the...

Question 8

Which of the following statements about security awareness is not true?&#10;A) The purpose of security awareness is to focus attention on security.&#10;B) Awareness is training.&#10;C) Security awareness programs are designed to remind users of appropriate behaviors.&#10;D) A poster reminding users not to write their password down is an example of an awareness program.

Accepted Answer

Awareness is not the same as training. Security awareness aims to increase overall consciousness about security matters, while training provides specific skills or knowledge.

Question 9

During what stage of the employee life cycle are user accounts disabled?&#10;A) Career development&#10;B) Termination&#10;C) User provisioning&#10;D) Onboarding

Accepted Answer

User accounts are typically disabled during the Termination stage of the employee life cycle, as this is when an employee's association with the organization ends.

Question 10

Which of the following sections of the Acceptable Use Agreement dictates how information must be stored, transmitted, and communicated?&#10;A) Introduction&#10;B) Data classification&#10;C) Applicable policy statements&#10;D) Handling standards

Accepted Answer

Handling standards specifically outline the procedures and requirements for how information should be stored, transmitted, and communicated, ensuring that data is handled securely and in compliance with policies.

Question 11

Which of the following specifies that schools must have written permission to release any information from a student's education record?&#10;A) FACTA&#10;B) FCRA&#10;C) FERPA&#10;D) DPPA

Accepted Answer

The answer of Which of the following specifies that schools...

Question 12

SETA is short for which of the following?&#10;A) Security Education, Training, and Awareness&#10;B) Social Education, Training, and Application&#10;C) Security Education, Training, and Application&#10;D) Social Education, Training, and Awareness

Accepted Answer

The answer of SETA is short for which of the...

Question 13

Which stage of the employee life cycle includes the process for transitioning employees out of an organization?&#10;A) Termination&#10;B) Off-boarding&#10;C) User provisioning&#10;D) Onboarding

Accepted Answer

The answer of Which stage of the employee life cycle...

Question 14

Which type of employee background check includes verification of all relevant licenses, certifications, or credentials?&#10;A) Educational&#10;B) License/certification&#10;C) Employment&#10;D) Criminal history

Accepted Answer

The answer of Which type of employee background check includes...

Question 15

Which phase in obtaining a U.S. government security clearance includes a comprehensive background check?&#10;A) Application phase&#10;B) Adjudication phase&#10;C) Investigative phase&#10;D) Granting (or denial) of clearance at a specific level

Accepted Answer

The answer of Which phase in obtaining a U.S. government...

Question 16

An employee should learn about which of the following during orientation?&#10;A) The company&#10;B) The job&#10;C) Their co-workers&#10;D) All of the above

Accepted Answer

The answer of An employee should learn about which of...

Question 17

A confidentiality agreement for employees, contractors, and outsourcers is also known as which of the following?&#10;A) Non-disclosure agreement&#10;B) Acceptable use agreement&#10;C) Handling standards&#10;D) Internet access security

Accepted Answer

The answer of A confidentiality agreement for employees, contractors, and...

Question 18

Which component of an acceptable use agreement defines (and includes examples of) the classification schema adopted by the organization?&#10;A) Introduction&#10;B) Data classifications&#10;C) Applicable policy statements&#10;D) Handling standards

Accepted Answer

The answer of Which component of an acceptable use agreement...

Question 19

In which stage of the employee life cycle does the employee settle into the job, integrate with the corporate culture, and establish his or her role within the organization?&#10;A) Onboarding&#10;B) Career development&#10;C) User provisioning&#10;D) Orientation

Accepted Answer

The answer of In which stage of the employee life...

Question 20

Which of the following NIST publications is known as The NIST Handbook?&#10;A) SP 800-12&#10;B) SP 800-16&#10;C) SP 800-50&#10;D) SP 800-100

Accepted Answer

The answer of Which of the following NIST publications is...

Deck 6: Human Resources Security