Home > Quiz: Must-have compliance technologies
Quiz:
EMAIL THIS LICENSING & REPRINTS

Quiz: Must-have compliance technologies

03 Aug 2007 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

SearchSecurity.com Security School
This tip is part of SearchSecurity.com's Compliance School lesson, Must-have compliance technologies. Visit the lesson page for more learning resources.

1. For which compliance requirement should large enterprises be planning over the next six to 18 months?

  1. Japan's equivalent to Sarbanes-Oxley ("JSOX")
  2. A potential U.S. federal breach disclosure act
  3. The aftermath of PCI DSS deadlines
  4. All of the above

2. What is the ideal location for data leakage controls in order to help prevent improper release of sensitive customer data?

  1. Only around the database
  2. Around the database, in the network, and on end hosts
  3. Only in the network
  4. Only on end hosts

3. Because auditors are required to assess controls independently, organizations risk failing audits by talking to them in advance about technology plans for compliance.

  1. True
  2. False

4. Why is security compliance orchestration software helpful for compliance efforts?

  1. Because in addition to technology, 50% of controls that need to be assessed are non-technical
  2. Because most regulations require improved information availability, which can't be handled by other offerings
  3. Because most organizations have allocated compliance budget that still needs to be spent
  4. Because host-specific controls, like password policies, don't need to be examined

5. Which type of encryption control best protects mobile systems from breach disclosure compliance requirements?

  1. User-configured file & folder encryption
  2. Whole-disk encryption
  3. Network transport encryption
  4. Columnar database encryption

If you answered two or more questions incorrectly, revisit the materials from the lesson, Must-have compliance technologies:

  • Webcast: Bringing compliance under control: Key technologies to consider
  • Tip: Considerations for encryption and compliance
  • Bonus tip: Dissecting compliance workflow processes
  • Podcast: Fact or fiction: Building upon existing compliance infrastructure to meet new obligations

    If you answered four or more questions correctly, return to SearchSecurity.com's Compliance School and begin another lesson, or try another school in SearchSecurity.com's Security School Course Catalog.

    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


    RELATED CONTENT
    Must-have compliance technologies
    Dissecting compliance workflow processes
    Considerations for encryption and compliance

    PCI Data Security Standard
    Cloud compliance: How to manage SaaS risk
    Cybersecurity expert sees PCI DSS problems ahead for retailers
    Would QSAs normally write up a PCI DSS report on compliance (ROC) and submit it to all issuing card brands?
    WEP to WPA: Wireless encryption in the wake of PCI DSS 1.2
    PCI is about eliminating data, not securing it, former QSA says
    Security of customer data, IP sustains security budgets
    PCI version 1.2 clarifications: How to get an early start on compliance audits
    Version 1.2 of Payment Card Industry (PCI) Data Security Standard answers questions, raises others
    Security visualization helps make log files work
    The Little Black Book of Computer Security, 2nd Edition

    RELATED GLOSSARY TERMS
    Terms from Whatis.com − the technology online dictionary
    PCI DSS (Payment Card Industry Data Security Standard )  (SearchSecurity.com)

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary




    • Search Additional Security Research and Solutions
    Find Security Channel Research for Resellers and Partners
    TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




    All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts