Question

In: Computer Science

Which of the following represents a subcategory of the Framework Category: Information Protection Procedures? 1. Privileged...

Which of the following represents a subcategory of the Framework Category: Information Protection Procedures?

1. Privileged User Roles

2. Maintenance and Repair

3. Removable Media

4. Continuous Improvement

Q.

Which of the following is considered a primary reason that an organization has unmanaged assets that have a high likelihood of compromise?

1.

Threats to critical assets

2.

Vulnerabilities that are mitigated with weak controls

3.

Vulnerabilities that are mitigated by strong controls

4.

High value assets

Solutions

Expert Solution

1. Ans 2.Maintenance and Repairs The performance of organisational assets Logged in a timely way, with Tools that are licenced and regulated. Maintanance and Repairs is a subcategory of the function Protect its id is (PR.MA) The framework category is divided into 3 parts 1.Function 2.Category and 3 is ID where protect is the function Maintainance and Repairs is the subcategory and id is(PR.MA).It is perfomed with policies and as well as procedures.

where as the other options,

Privileged User Roles given the right to implement a statement,It is a role to gain access to another statement or object.It is not a subcategory of the Framework Category.

And Removable Media is a media which stores data and information it is a drive such as cd dvd pendrive all are part of removable media.It is also not a subcategory of the Framework Category.

Continuous Improvement is an continuous betterment of an process and increase the improvement of the products for better perfomance.It is also not a subcategory of the Framework Category.

2.Ans 2. Vulnerabilities that are mitigated with weak controls

If an organisation doesn't take care and and manage its properties ,assets and data ,uses weak encryption .not thinking of taking care of its data,having weak link to data loss .An attacker can easily access data that have weak security leading to data loss or steal. Not managing of the valuable assets and lack of awareness can lead to security threat with massive loss.An asset is an very important thing for an organisation for the organisation mission.So it important that they be aware from the start with strong security managements.Some points related to Vulnerabilities that are mitigated with weak controls are -

  • Unprotected communication betweeen server with weak encryption
  • Absence of strong security.
  • Absence of strong control.
  • Weak encryption or password login credential which are default and are guessed easily.

Where as the other options ,

Threats to critical assets is an threat which happens because of data modification,losing of data or information and stopage of an ongoing project because of some reasons.

Vulnerabilities that are mitigated by strong controls means that the data is being protected using strong encryption.Strong authentication is being provided .High secuirty checking of incomming connections using softwaresthat provides strong protections.

High value assets is an asset of the organisation or a company which is very important for them for the project they are working on losing this by any means can stop the entire project and lead to serious loss to conitue the project.


Related Solutions

Discuss the bag collection framework, which consists of the following classes: Indentation in this group represents...
Discuss the bag collection framework, which consists of the following classes: Indentation in this group represents interface implementaion: BagInterface ....ArrayBag ....LinkedBag Indentation in this group represents inheritance: AbstractCollection ....AbstractBag ........ArrayBag ............ArraySortedBag ........LinkedBag Where are the more general (abstract) classes? Where are the more specific (concrete) classes? What are the benefits of this organization? Does it have any detriments?
1) Which of the following analytical procedures would not provide information on a potential misstatement( either...
1) Which of the following analytical procedures would not provide information on a potential misstatement( either understatement or overstatement) of the allowance for uncollectible accounts? a- compare allowance for uncollectible accounts as a percentage of accounts receivable with previous years b- compare aging categories as a percentage of accounts receivable with previous years c- compare current year gross margin percentage with previous year gross margin d- compare number of days accounts receivable are outstanding with previous years 2) An appropriate...
For each of the following specific audit procedures, identify the category (assertions about classes of transactions...
For each of the following specific audit procedures, identify the category (assertions about classes of transactions and events or assertions about account balances) and the primary assertion being tested. 1. Tracing the prices used by the entity’s billing program for pricing sales invoices to the entity’s approved price list. 2. Examining employee paychecks before and after year-end to determine if their salaries are recorded in the proper period. 3.Agreeing the total of the account’s payables subsidiary ledger to the accounts...
Question 1 In the framework of monopolistic competition, which of the following is not a possible...
Question 1 In the framework of monopolistic competition, which of the following is not a possible outcome for a firm that runs a successful advertising campaign? Select the correct answer below: allocative efficiency the ability of the firm to charge a higher price the ability of the firm to sell a greater quantity an increase in profits for the firm Question 2 In a market characterized by monopolistic competition, how will new firms choose to engage this market? Select the...
Which of the following hiring procedures would provide the most control over the accuracy of information...
Which of the following hiring procedures would provide the most control over the accuracy of information submitted on an employment application? Select one: a. Applicants are required to submit copies of their transcripts as verification of their educational credentials. b. Letters of recommendation that attest to the applicant's character submitted by the applicant. c. Applicants are required to sign a statement indicating that the information on the application is true and correct, as a confirmation of the truth of the...
1) Which of the following is a condition that represents inflammation of a herniation through the...
1) Which of the following is a condition that represents inflammation of a herniation through the colon muscular wall? a) Diverticulosis b) Diverticulitis 2) Which of the following is not associated with excessive ethanol consumption? a) Irritable bowel syndrome b) Inflammation bowel disease c) hyperlipidemia 3) A tension pneumothorax permits air to enter and leave the pleural space during respiration. True or False ? 4)  Which form of viral hepatitis involves mainly the portal triad tissue (portal tract)? a) chronic active...
1-Explain why the IKEA's information system belong to which information system category (TPS, MIS, DSS, ESS,...
1-Explain why the IKEA's information system belong to which information system category (TPS, MIS, DSS, ESS, ERP, CRM, SCM, KMS). Support. 2-Which strategic business objectives can be achieved by using the information systems of IKEA? Prove and support your idea.
QUESTION 1 In accordance with the IASB Conceptual Framework, which of the following is consistent with...
QUESTION 1 In accordance with the IASB Conceptual Framework, which of the following is consistent with the definition of expenses? Decreases in assets, or decreases in liabilities, that result in increases in equity, other than those relating to distributions to holders of equity claims. Decreases in assets, or increases in liabilities, that result in decreases in equity, other than those relating to control of equity claims. Decreases in assets, or increases in liabilities, that result in decreases in equity, other...
The following description represents the policies and procedures for agent expense reimbursements at Excel Insurance Company....
The following description represents the policies and procedures for agent expense reimbursements at Excel Insurance Company. Agents submit a completed expense reimbursement form to their branch manager at the end of each week. The branch manager reviews the expense report to determine whether the claimed expenses are reimbursable based on the company’s expense reimbursement policy and reasonableness of amount. The company’s policy manual states that agents are to document any questionable expense item and that the branch manager must approve...
The following description represents the policies and procedures for agent expense reimbursements at Excel Insurance Company....
The following description represents the policies and procedures for agent expense reimbursements at Excel Insurance Company. Agents submit a completed expense reimbursement form to their branch manager at the end of each week. The branch manager reviews the expense report to determine whether the claimed expenses are reimbursable based on the company’s expense reimbursement policy and reasonableness of amount. The company’s policy manual states that agents are to document any questionable expense item and that the branch manager must approve...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT