Home > Quiz: Ensuring compliance across the extended enterprise
Quiz:
EMAIL THIS

Quiz: Ensuring compliance across the extended enterprise

21 Jun 2007 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

This quiz is part of Ensuring compliance across the extended enterprise, a lesson in SearchSecurity.com's Compliance School. Visit the Ensuring compliance across the extended enterprise lesson page for additional learning resources.

1. Why is a standards-based partnership management program valuable?

  1. It provides a simple check-in-the-box method to determine the adequacy of partner security practices.
  2. It is an inexpensive way to gather information regarding security practices that is applicable to partners of every risk class.
  3. It provides a consistent method of gathering important information about partner security practices that can be compared across reviews and partners.
  4. It provides a focused method of evaluating service designs and exchange protocols.

2. Why are periodic reviews of partner security practices necessary?

  1. To make sure the partner organization knows that it is being monitoring.
  2. To detect important changes in practices and infrastructure.
  3. To ensure that monitoring mechanisms are still working.
  4. To meet the administrators face to face.

3. Why is assessing the requirements for information flow important in dealing with partner connections?

  1. To ensure that the processing is as efficient as possible.
  2. To ensure that encryption is always used on every connection.
  3. To determine the performance requirements of all communication links.
  4. To ensure that only required sensitive information is exchanged with the partner and that it is protected adequately.

4. What technology is least likely to be useful in managing partner services?

  1. Firewalls
  2. Intrusion detection
  3. Identity management
  4. Two-factor authentication

5. What is the most likely source of problems when a security incident at a partner site occurs?

  1. Inadequate preparation and coordination of plans
  2. Virus infection
  3. Compromise due to a well-known vulnerability
  4. Failure of a cryptographic algorithm

If you answered two or more questions incorrectly, revisit the materials from the lesson Ensuring compliance across the extended enterprise:

  • Webcast: Key technologies for ensuring partner compliance with SLAs
  • Tip: ISO 17799: A methodical approach to partner and service provider security management
  • Podcast: Top 5 pitfalls of partner security management

    If you answered four or more questions correctly, return to SearchSecurity.com's Compliance School and begin another lesson, or try another school in SearchSecurity.com's Security School Course Catalog.

    BROWSE BY TAG
    Compliance School,   Ensuring compliance across the extended enterprise,   Security Audit, Compliance and Standards,   Sarbanes-Oxley Act,   VIEW ALL TAGS

    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



    RELATED CONTENT
    Ensuring compliance across the extended enterprise
    ISO 17799: A methodical approach to partner and service provider security management

    Sarbanes-Oxley Act
    SOX compliance burdens midmarket security teams
    Ex-SEC chief Pitt decries state of Sarbanes-Oxley, risk management
    Information security book excerpts and reviews
    Internal audits for Sarbanes Oxley and internal IT support
    Internal auditors and CISOs mitigate similar risks
    Implement security and compliance in a risk management context
    Does password sharing in international branches violate SOX?
    Consensus Controls project aims to set benchmarks for compliance
    Security visualization helps make log files work
    The Little Black Book of Computer Security, 2nd Edition
    Sarbanes-Oxley Act Research

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary




    • Search Additional Security Research and Solutions
    TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Site Map




    All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts