CS205 MID TERM SOLVED MCQs || PAST PAPERS || GROUP-4 || INFORMATION SECURITY || VuTech
Visit Website For More Solutions
www.vutechofficial.blogspot.com
CS205
Information Security
Solved Mid Term Past Papers
______________________________
MCQs
______________________________
Group-4
Question No: 1
Which of the following statement is false?
a) PCI-DSS has six broad goals and twelve requirements
b) COBIT has five enablers and seven principles
c) Iso27001:2013 has ten short clauses and a long annex with 14 sections, and 113 controls
d) PCI-DSS is applicable only to credit card related industry
Correct Answer:
The correct answer is 'b'.
Question No: 2
The ITU global cyber security index (GCI) covers:
a) Legal, technical, organizational, capacity building and cybercrime
b) Legal, technical, organizational, capacity building and cooperation
c) Legal, technical, organizational, business and cooperation
d) Legal, technical, military, capacity building and cooperation
Correct Answer:
The correct answer is 'b'.
Question No: 3
In information security life cycle methodology and framework phase comes in _____ step.
a) Assess Current Posture
b) Implement Controls
c) Remediation Plan
d) Test / Validate
Correct Answer:
The correct answer is 'c'.
Visit Website For More Solutions
www.vutechofficial.blogspot.com
Question No: 4
In Global Cyber Security Index 2017 (ITU) Pakistan at ranked _____.
a) 23rd
b) 72nd
c) 67th
d) 53rd
Correct Answer:
The correct answer is 'c'.
Question No: 5
The verizon and symantec reports show that _____ .
a) Web is the most vulnerable vector
b) Malicious internal users or disgruntled employees cause most damage
c) IOT is more secure than other technologies
d) Email is the most attacked vector
Correct Answer:
The correct answer is 'b'.
Visit Website For More Solutions
www.vutechofficial.blogspot.com
Question No: 6
During the "test / validate" stage ______ .
a) All security projects & activities are presented on a dashboard
b) The information security team conducts a review of correctness and coverage of security control implementation
c) The security project charter is reviewed
d) A third-party is invited for review
Correct Answer:
The correct answer is 'b'.
Question No: 7
Policies and procedures are the part of ______ layer in information security transformation framework.
a) Vulnerability Management
b) Security Hardening
c) Security Engineering
d) Security Governance
Correct Answer:
The correct answer is 'd'.
Question No: 8
What are the three types of redundant site models in an enterprise network?
a) Hot site, cold site and warm site
b) Highly available site, fault tolerant site and DR site
c) Primary site, secondary site and DR site
d) Both a & b
Correct Answer:
The correct answer is 'a'.
Visit Website For More Solutions
www.vutechofficial.blogspot.com
Question No: 9
The impact of vm sprawl is that _______ .
a) Vms can be created quickly, self-provisioned, or moved between physical servers, leading to too many vm's
b) Vms can be created quickly, self-provisioned, or moved between physical servers, avoiding conventional change management process
c) Vms can be created quickly, self-provisioned, or moved between physical servers, causing performance issues
d) Virtual machines may not be allocated sufficient resources
Correct Answer:
The correct answer is 'b'.
Question No: 10
A security project ___________ .
a) Has no end date
b) Is part of the security program
c) Has to be signed off by senior management
d) May be undertaken to control malware
Correct Answer: