When the Center for Internet Security (CIS) Controls were being revised into the current version (i.e., version 8) there were a series of design principles used to help guide the revision process.  One of those principles states that the CIS Controls should help defenders identify the most critical things to do to stop the most important attacks and to avoid the temptation of trying to solve every security problem (that is, avoid ‘good things to do’ or ‘things you could do’).  Which CIS design principle are those statements related to?

Which of the following Trust Services Criteria (TSC) categories focuses on ensuring that personal information is collected, used, retained, disclosed, and disposed of in ways that meet the entity’s objectives while protecting individuals, including obtaining consent where and when appropriate/necessary?

Hendrie Enterprises information technology (IT) help desk received a help desk ticket two days ago from an employee stating a significant decrease in his device’s processing power.  The employee states in the ticket that he does not recall clicking on any unusual links or files.  Yesterday, several more help desk tickets were submitted from employees stating their devices are running slow as well.  Today, several more help desk tickets were submitted with similar issues.  Upon investigation, the IT help desk identifies some highly replicative code on the employees’ devices.   Which of the following types of malware was most likely identified by the IT help desk?

Patricia is a salesperson for a security services company called Star Security and has just submitted a bid to the Texas Department of Licensing to provide security for the boxing re-match of Jake Paul vs Mike Tyson.  Patricia learns that the security contract might be awarded to Star Security or one other security firm.  Patricia contacts the purchasing agent at the Texas Department of Licensing and states that if Star Security is awarded the contract, Patricia will provide the purchasing agent with an all-expense-paid vacation package to some place sick like Tulsa or Little Rock (a Pitch Perfect 2 reference).   What type of fraud is Patricia performing in this situation?

You have been reviewing your client’s description of its internal controls and you notice that the following preventative controls are in place: requiring manager approval for inventory write-offs; and  segregation of duties so that employees executing sales do not perform inventory write-offs. As part of a fraud risk assessment, which of the following choices correctly identifies the fraud scheme(s) these internal controls would help prevent?  Check all that apply  

Case 5 – Use for questions 65-71 JB is a 35-year-old female (132 kg, BMI 42) who was intubated and admitted to the ICU following a highway speed motor vehicle accident.  The patient’s blood alcohol content upon arrival to the emergency department was 0.32% (four times the legal driving limit of 0.08% in Wisconsin).  The patient sustained multiple orthopedic injuries from the accident, requiring several visits to the OR during her first 48 hours of admission.  The patient does not have any past medical history on file.  However, her family mentions that she regularly consumes 5-6 alcoholic beverages a day.  On day three of admission, when propofol is turned off for the patient’s spontaneous awakening and breathing trial, she becomes extremely agitated and delirious.  After some discussion on rounds, the medical team believes the patient is going through severe alcohol withdrawal.

What medication is an antidote for vasopressor extravasation?

What factors influence the nature of nesting territories (i.e. whether species nest colonially or not,  and how large colonies are)?

What is the difference in how vocalizations are acquired by oscines versus suboscines?  

Select all assumptions that must hold for a one-way ANOVA. Hint: The microlecture listed five official assumptions for one-way ANOVA