Golden Gate University IT Security Policies to Help Mitigate Risk Lab 9 Quiz
Golden Gate University IT Security Policies to Help Mitigate Risk Lab 9 Quiz
QUESTION 1
- The purpose of security policies is to:
|
identify risks and vulnerabilities. |
||
|
help mitigate identified risks. |
||
|
document the security measures the organization is currently following. |
||
|
eliminate all risks. |
10 points
QUESTION 2
- The Family Educational Rights and Privacy Act (FERPA) gives parents certain rights with respect to:
|
their children’s education records. |
||
|
their children’s medical records. |
||
|
the type of education their children receive. |
||
|
the medical treatment their children receive. |
10 points
QUESTION 3
- Which of the following is a Federal law that protects the privacy of student education records?
|
Student Education Records Act (SERA) |
||
|
Family Educational Rights and Privacy Act (FERPA) |
||
|
Intellectual Property Act (IPA) |
||
|
Gramm-Leach-Bliley Act (GLBA) |
10 points
QUESTION 4
- The task of identifying your IT assets begins with recognizing that your IT infrastructure and supporting resources can be divided into:
|
categories based on value. |
||
|
departments. |
||
|
work groups. |
||
|
the seven IT domains. |
10 points
QUESTION 5
- Under the Family Educational Rights and Privacy Act (FERPA), which of the following has the right to inspect and review the student’s education records maintained by the school?
|
Other schools |
||
|
The student’s parents |
||
|
Other parents |
||
|
Everyone |
10 points
QUESTION 6
- Under the Family Educational Rights and Privacy Act (FERPA), schools may disclose, without consent, __________ such as a student’s name, address, telephone number, date and place of birth, honors and awards, and dates of attendance.
|
Personally Identifiable Information (PII) |
||
|
directory information |
||
|
educational information |
||
|
academic information |
10 points
QUESTION 7
- Which of the following statements is true regarding environments?
|
The environment has no bearing on risk. |
||
|
Any given risk has the same significance, regardless of environment. |
||
|
Some environments produce highly significant risks. |
||
|
Every environment carries the same set of risks. |
10 points
QUESTION 8
- Which of the following statements is true regarding risks?
|
Some risks are unique to different environments. |
||
|
Every environment carries the same set of risks. |
||
|
The environment does not have any bearing on risks. |
||
|
Every risk is of equal importance. |
10 points
QUESTION 9
- The Family Educational Rights and Privacy Act (FERPA) gives students certain rights with respect to their education records when they:
|
enroll in high school. |
||
|
graduate from high school. |
||
|
reach the age of 18 or attend a school beyond the high school level. |
||
|
reach the age of 21. |
10 points
QUESTION 10
- The Family Educational Rights and Privacy Act (FERPA) applies to:
|
all schools, regardless of level or funding source. |
||
|
all schools that receive funds under an applicable program of the U.S. Department of Education. |
||
|
only higher education institutions such as colleges and universities. |
||
|
only elementary, middle, and high schools. |
10 points
QUESTION 11
- How do special environments, such as hospitals, schools, or financial institutions, know how to handle risks?
|
Each one develops its own security policies independently. |
||
|
All hospitals, schools, and financial institutions have the same security policies. |
||
|
The government legislates precise security policies. |
||
|
The government legislates special acts to provide guidance and countermeasures. |
10 points
QUESTION 12
- Under the Family Educational Rights and Privacy Act (FERPA), schools generally must have __________ from the parent or eligible student in order to release any information from a student’s education record.
|
written permission |
||
|
oral consent given in person only |
||
|
oral consent given either in person or over the telephone |
||
|
enrollment verification |
10 points
QUESTION 13
- Security policies mitigate risks in:
|
educational institutions, but not for-profit businesses. |
||
|
for-profit businesses, but not educational institutions. |
||
|
a limited number of environments. |
||
|
a wide variety of environments. |
10 points
QUESTION 14
- Which of the following statements is true regarding how the Family Educational Rights and Privacy Act (FERPA) differentiates between the three types information?
|
FERPA considers each with different levels of protection. |
||
|
FERPA considers all three types of information with the same level of protection. |
||
|
FERPA is not concerned with disclosure in any of the types of information. |
||
|
FERPA is only concerned with the protection of Personally Identifiable Information (PII). |
10 points
QUESTION 15
- Under the Family Educational Rights and Privacy Act (FERPA), parents or eligible students have the right to request that a school correct records which they believe to be:
|
personally identifiable. |
||
|
unimportant. |
||
|
correct but unflattering. |
||
|
inaccurate or misleading. |
10 points
QUESTION 16
- The benefit of identifying the assets and prioritizing them across the seven IT domains is being able to __________ in a systematic and thorough manner.
|
document policies |
||
|
develop procedures |
||
|
ensure compliance |
||
|
make future purchases |
10 points
QUESTION 17
- The Family Educational Rights and Privacy Act (FERPA) differentiates between three types of information:
|
electronic information, written information, and physical information. |
||
|
student information, faculty information, and institution information. |
||
|
educational information, Personally Identifiable Information (PII), and directory information. |
||
|
disciplinary information, attendance information, and grades. |
10 points
QUESTION 18
- Which of the following is easier once you have created an asset inventory list, prioritized that list, and identified the major risk exposures found in those assets?
|
Purchasing additional equipment |
||
|
Complying with regulations |
||
|
Writing security policies |
||
|
Developing recovery procedures |
10 points
QUESTION 19
- The Family Educational Rights and Privacy Act (FERPA) __________, in a case where a school’s servers holding education records are hacked.
|
contains a breach of security notification requirement for all schools |
||
|
contains a breach of security notification requirement for elementary, middle, and high schools |
||
|
contains a breach of security notification requirement for higher education institutions |
||
|
does not contain a breach of security notification requirement |
10 points
QUESTION 20
- The Family Educational Rights and Privacy Act (FERPA) has no actual requirements specific to:
|
parents’ right to inspect and review the student’s education records maintained by the school. |
||
|
information assurance or security of student records. |
||
|
parents’ right to request that a school correct records which they believe to be inaccurate or misleading. |
||
|
written permission from the parent or eligible student in order to release any information from a student’s education record. |
"You need a similar assignment done from scratch? Our qualified writers will help you with a guaranteed AI-free & plagiarism-free A+ quality paper, Confidentiality, Timely delivery & Livechat/phone Support.
Discount Code: CIPD30
Click ORDER NOW..
