Saturday, 15 March 2014

Info Syst Sec Planning & Audit

Question 1. (TCO 1) Which of the following is LEAST likely to lead to employees accepting and following policy? (Points : 4)
      Introduce policies through training programs.

      Make policy compliance part of job descriptions.

      Consistently enforce policies.

      Seek input from the organization when developing policies.

Question 2. (TCO 2) Which of the following is NOT a threat to data confidentiality? (Points : 4)
      Hackers

      Encryption

      Improper access controls

      Social engineering

Question 3. (TCO 1) Which of the following is MOST likely to reflect the policy audience for a corporate ethics policy at Acme Manufacturing? (Points : 4)
      All Acme Manufacturing employees and all vendors and service providers

      All full- and part-time employees of Acme Manufacturing and its subsidiaries

      The Acme Manufacturing board of directors

      The finance, human resources, and marketing departments of Acme Manufacturing

Question 4. (TCO 2) Which of the following is true of procedures? (Points : 4)
      Procedures focus on sequential actions or steps, which are the instructions needed to carry out a policy statement.

      Procedures must be changed every 30 days.

      Procedures are a prerequisite to developing a policy; they must exist before you can write a policy.

      Procedures are suggestions for the best way to accomplish a certain task.

Question 5. (TCO 1) Which is the best way to foster acceptance of a new policy? (Points : 4)
      Involve people in policy development by conducting interviews.

      Give everyone a copy of the policy after it is written.

      Ensure it is detailed enough that everyone will understand it.

      Hold meetings to explain it.

Question 6. (TCO 2) Which of the following is NOT an example of social engineering? (Points : 4)
      Calling an employee on the phone and impersonating an IT consultant to learn passwords

      Running a password-cracking utility against a web server

      Dressing up as a UPS employee and gaining access to sensitive areas of a business

      Posing as a potential customer in a bank and gaining access to a computer terminal by pretending to need to send an e-mail

Question 7. (TCO 1) Leadership by setting the example, or “do as I do,” is considered (Points : 4)
      ineffective in a high-tech company.

      the same as “management by walking around.”

      something that should only be employed when information security policies are new.

      the most effective leadership style, especially in relation to information security.

Question 8. (TCO 2) Match the following terms to their meanings. (Points : 4)
Potential Matches:
1 : List of actions that employees are not allowed to perform while using company-provided equipment
2 : Any event that impacts culture, procedures, and activities within an organization
3 : Introduction to the policy document
4 : Policy about a policy
Answer
 : Change driver
 : Acceptable use agreement
 : Statement of authority
 : Security policy document policy

Question 9. (TCO 1) Which of the following best describes how the penalties defined in the Policy Enforcement Clause should relate to the infractions? (Points : 4)
      Any infraction should result in suspension or termination.

      The same penalty should apply each time an infraction occurs.

      The penalty should be proportional to the level of risk incurred as a result of the infraction.

      Penalties should be at the discretion of management.

Question 10. (TCO 2) Data integrity is (Points : 4)
      protecting the data from intentional or accidental disclosure.

      making sure the data are always available when legitimately needed.

      protecting the data from intentional or accidental modification.

      making sure the data are always transmitted in encrypted format.

Question 11. (TCO 1) Which is the best goal for a new policy? (Points : 4)
      Accurately reflect the current technology environment.

      Comply with applicable government policy.

      Secure and protect assets from foreseeable harm and provide flexibility for the unforeseen.

      Approved by management and understood by everyone.

Question 12. (TCO 2) Which of the following federal regulations pertains to the medical field? (Points : 4)
      FERPA

      GLBA

      HIPAA

      SOX

Question 13. (TCO 1) The setup instructions that come in the box when you buy a new printer are an example of which of the following? (Points : 4)
      Standards

      Procedures

      Guidelines

      Policies

Question 14. (TCO 2) Guaranteed 99.999% uptime is an example of (Points : 4)
      data integrity.

      data authentication.

      data confidentiality.

      data availability.

Question 15. (TCO 1) Which of the following is a good way to help ensure that your company’s information security policies represent best practices? (Points : 4)
      Base them on current industry standards for practices and technology.

      Provide little or no opportunity for policy exceptions to be granted.

      Copy key parts of similar policies you find on the Internet.

      Keep the suggested guidelines to a minimum, and focus on mandatory standards.
