CPE Quiz #
81
Based on Information Systems Control Journal Volume 6, 2001
A passing score of 75 percent qualifies for one (1) hour of CISA/CISM/CGEIT Continuing Professional Education (CPE) Credit
Your results will appear in a new window.
Enter your name below so it displays on the quiz results page:
Name:
Bourdariat Article1. The author defines IT governance as the strategic alignment of information and communication technologies (ICT) with corporate objectives.
2. In part because of improved communications systems and technology, modern IT governance trends toward decentralized systems.
3. The author forecasts that technology changes including the Internet will ultimately result in organizations opening up their help desk to directly support their customers' use of their own systems.
Burnette and Gomez Article4. The Code Red worm exploited hundreds of thousands of systems even though a fix to remediate the exposures had existed for months prior to the Code Red outbreak.
5. The White House was able to defend successfully against the Code Red attack because its systems had been patched and remediated prior to the outbreak of the worm.
6. The vulnerability affected systems running Microsoft Windows NT, Windows 2000 and UNIX variants such as Linux, Solaris and HP-UX.
Kreitner and Miuccio Article7. The Center for Internet Security (CIS) is a nonprofit organization formed in October 2000 to develop technical benchmarks for most widely used operating systems and Internet software applications.
8. CIS developed two levels of benchmarks. Level-1 benchmarks define minimal levels of due care security, while Level-2 is more stringent and defines best practices as defined by CIS members.
9. Because of its nonprofit status, membership in CIS is free to all individuals and corporations.
Pang Article10. Knowledge management (KM) technologies supporting virtual organizations (VO) include XML, portals, wireless devices and virtual reality.
11. Examples of virtual organization success in the private sector cited by the author include: Dell Computers, British Airways and Nike.
12. Managerial issues related to virtual organizations include loss of personal contact, ensuring employee self-motivation and discipline, and managing and controlling at a distance.
13. Organizational trends related to VO and KM include: more telecommuting, increased use of wireless technologies, and document sharing technologies such as Lotus Notes and Documentum.
14. Key success criteria for a VO, as cited by the author, include: establishing set employee schedules, permitting significant mobility for individuals, and maintaining and enforcing clear guidelines and rules for workers in the VO.
Ramakrishnan Article15. Types of Internet banking processes include transactional, informational and communicative. Each of these has a different risk profile, with communicative generally having the highest level of risk, due to the strict regulations of the banking industry.
16. Because of technology and process innovation, Internet banking opens up new risk categories for managers and decision makers in the banking field.
17. Security controls requiring additional scrutiny by managers in the Internet banking field include: privacy, nonrepudiation, and mandatory and discretionary access controls.
Mahadevan Article18. Intrusion detection systems (IDS) either can be host-based or network-based. For both types of IDS, the primary purpose is to ward off hostile attacks by terminating or resetting sessions.
19. IDS often are needed, even if an enterprise has simple or adaptive proxy firewall systems implemented.
20. Most IDS work by comparing actual network traffic to known attacks and then proactively shutting down vulnerable network components based on a heuristic analysis of the traffic.
|
Your results will appear in a new window.
|
Please note: This quiz requires a JavaScript-enabled browser.
If the quiz is not displayed above, you either do not have a browser which
supports JavaScript or JavaScript support has been disabled.
|
|
|