6. Which of the following are actions and/or steps that can be taken to avoid leaks and disclosures when handling sensitive data?

  • Giving the employees the right tools to get their work done without compromising security.
  • Understanding what employees need to do to accomplish their jobs.
  • Giving unrestricted access to the employees handling sensitive data
  • Allowing employees to write their passwords on a post-it note

7. When evaluating the services of a vendor company, which of the following can be used to assess their security capabilities? Check all that apply.

  • Ask the vendor to complete a questionnaire
  • Assume that they’re using industry-standard solutions
  • Request full access to the vendor systems to perform an assessment
  • Ask them to provide any penetration testing or security assessment reports

8. What is the goal of mandatory IT security training for an organization? Check all that apply.

  • To punish employees with poor security practices
  • To educate employees on how to stay secure
  • To build a culture that prioritizes security
  • To avoid the need for a security team

9. Which of the following are necessary in the organization to create a culture that makes security a priority? Select all that apply.

  • Reinforce and reward behaviors that boost the security of the organization
  • A working environment that encourages people to speak up.
  • Punish employees every time they make poor security practices
  • Designated communication channels

10. A long and complex password requirement is designed to protect against _________.

  • lazy users
  • employees memory lost
  • brute force attacks
  • password reuse

Devendra Kumar

Project Management Apprentice at Google

Leave a Reply