Ensuring compliance across the extended enterprise


Ensuring compliance across the extended enterprise

This quiz is part of Ensuring compliance across the extended enterprise , a lesson in SearchSecurity.com's Compliance School. Visit the Ensuring compliance across the extended enterprise lesson page for additional learning resources.

1. Why is a standards-based partnership management program valuable?

  1. It provides a simple check-in-the-box method to determine the adequacy of partner security practices.
  2. It is an inexpensive way to gather information regarding security practices that is applicable to partners of every risk class.
  3. It provides a consistent method of gathering important information about partner security practices that can be compared across reviews and partners.
  4. It provides a focused method of evaluating service designs and exchange protocols.

2. Why are periodic reviews of partner security practices necessary?

  1. To make sure the partner organization knows that it is being monitoring.
  2. To detect important changes in practices and infrastructure.
  3. To ensure that monitoring mechanisms are still working.
  4. To meet the administrators face to face.

3. Why is assessing the requirements for information flow important in dealing with partner connections?

  1. To ensure that the processing is as efficient as possible.
  2. To ensure that encryption is always used on every connection.
  3. To determine the performance requirements of all communication links.
  4. To ensure that only required sensitive information is exchanged with the partner and that it is protected adequately.

4. What technology is least likely to be useful in managing partner services?

  1. Firewalls
  2. Intrusion detection
  3. Identity management
  4. Two-factor authentication

5. What is the most likely source of problems when a security incident at a partner site occurs?

  1. Inadequate preparation and coordination of plans
  2. Virus infection
  3. Compromise due to a well-known vulnerability
  4. Failure of a cryptographic algorithm

If you answered two or more questions incorrectly, revisit the materials from the lesson Ensuring compliance across the extended enterprise:

  • Webcast: Key technologies for ensuring partner compliance with SLAs
  • Tip: ISO 17799: A methodical approach to partner and service provider security management
  • Podcast: Top 5 pitfalls of partner security management

    If you answered four or more questions correctly, return to SearchSecurity.com's Compliance School and begin another lesson, or try another school in SearchSecurity.com's Security School Course Catalog.

  • Email Alerts

    Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
    By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

    This was first published in July 2007


    COMMENTS powered by Disqus  //  Commenting policy