cs205 final term past papers

MCQs (6-10)

1. In security transformation model ownership of validation of controls lies with:
   • A. IT operation team
   • B. Business team
   • C. Info security or consultant
   • D. IT help desk team
2. Where should source code be kept as best practice?
   • A. Access control system
   • B. Change control system
   • C. Version control system
   • D. Source control system
3. As per ISO27001, Operating procedure should be:
   • A. Confidential
   • B. Verbally communicated
   • C. Decided on an ad hoc basis
   • D. Documented and available to who need them
4. It seems conducting a successful security transformation project is more challenging in:
   • A. Large size organization
   • B. Medium size organization
   • C. Small sized organization
   • D. Environment where multiple sites are present
5. Stage 2 of security transformation refers to:
   • A. Security Governance
   • B. Security engineering
   • C. Security hardening
   • D. Vulnerability management