Ensuring compliance across the extended enterprise

A five-question multiple-choice quiz to test your understanding of the content presented by expert Richard Mackey in this lesson of SearchSecurity.com's Compliance School.

This quiz is part of Ensuring compliance across the extended enterprise , a lesson in SearchSecurity.com's Compliance School. Visit the Ensuring compliance across the extended enterprise lesson page for additional learning resources.

1. Why is a standards-based partnership management program valuable?

  1. It provides a simple check-in-the-box method to determine the adequacy of partner security practices.
  2. It is an inexpensive way to gather information regarding security practices that is applicable to partners of every risk class.
  3. It provides a consistent method of gathering important information about partner security practices that can be compared across reviews and partners.
  4. It provides a focused method of evaluating service designs and exchange protocols.

2. Why are periodic reviews of partner security practices necessary?

  1. To make sure the partner organization knows that it is being monitoring.
  2. To detect important changes in practices and infrastructure.
  3. To ensure that monitoring mechanisms are still working.
  4. To meet the administrators face to face.

3. Why is assessing the requirements for information flow important in dealing with partner connections?

  1. To ensure that the processing is as efficient as possible.
  2. To ensure that encryption is always used on every connection.
  3. To determine the performance requirements of all communication links.
  4. To ensure that only required sensitive information is exchanged with the partner and that it is protected adequately.

4. What technology is least likely to be useful in managing partner services?

  1. Firewalls
  2. Intrusion detection
  3. Identity management
  4. Two-factor authentication

5. What is the most likely source of problems when a security incident at a partner site occurs?

  1. Inadequate preparation and coordination of plans
  2. Virus infection
  3. Compromise due to a well-known vulnerability
  4. Failure of a cryptographic algorithm

If you answered two or more questions incorrectly, revisit the materials from the lesson Ensuring compliance across the extended enterprise:

  • Webcast: Key technologies for ensuring partner compliance with SLAs
  • Tip: ISO 17799: A methodical approach to partner and service provider security management
  • Podcast: Top 5 pitfalls of partner security management

    If you answered four or more questions correctly, return to SearchSecurity.com's Compliance School and begin another lesson, or try another school in SearchSecurity.com's Security School Course Catalog.

  • Read more on IT legislation and regulation