Reference no: EM132228293
1. According to PCI Security Standards Council (PCI SSC) what requirement(s) listed below are required to protect data that is stored, processed or transmitted via information systems?
A. Maintain an Information Security Policy
B. Maintain a Vulnerability Management Program
C. Build and Maintain Secure Networks and Systems
D. All of the Above
2. Your company has decided to by a cyber insurance policy, according to the text what type of risk decision is this?
A. Mitigation
B. Avoidance
C. Transference
D. Acceptance
3. The textbook emphases a "must have" network management policy that is applied by an organization to ensure that employees have restricted access based on "need to know" as it relates to their job assignment this is known as ___________________________.
Application Security Priviledge
Network Segmentation
Continuous Monitoring
Least Privilege
4. When building a cyber risk strategy the four critical questions that an organization must ask itself. Which is not one of those questions?
A. Where are we now?
B. Where do we want to be?
C. How long have we been here?
D. What do we have to work with?