Practice Test 9 – Solution
1. Prior to creating policies, companies should look at all regulations and frameworks to ensure that they comply with them.
2. COBIT and ITIL are non-regulatory and not legally enforceable as they are both good practice frameworks.
3. Purchasing broadband from two different companies provides vendor diversity, therefore, if one company fails, then the other still provides broadband.
4. The boundary layer between the LAN and the WAN is called the DMZ; it hosts the extranet web server that is normally used for suppliers and needs credentials to access it.
5. If a laptop had sensitive information such as research and development data, the IT team could isolate it from the network by air gapping it so nobody could connect to it.
6. When full disk encryption such as BitLocker is used on a laptop, the laptop needs to have either a TPM chip or an HSM to store the encryption keys.
7. An IT security team would...
