quiz 3.rtf - User Course Test Started Submitted Due Date Status Attempt Score Time Elapsed Results Displayed Ubeda Sawda 2018_SPR_IG_Operations

quiz 3.rtf - User Course Test Started Submitted Due Date...

This preview shows page 1 - 4 out of 15 pages.

User Ubeda Sawda Course 2018_SPR_IG_Operations Security_01_20_21_COMBINED Test Quiz #3 Started 1/23/18 6:37 PM Submitted 1/23/18 8:31 PM Due Date 1/28/18 11:59 PM Status Completed Attempt Score 90.00000 out of 100.00000 points Time Elapsed 1 hour, 54 minutes Results Displayed All Answers, Submitted Answers, Correct Answers Question 1 5.00000 out of 5.00000 points In an issue-specific standard, the ___________________________section defines a security issue and any relevant terms, distinctions, and conditions. Selected Answer: statement of an issue Answers: definition of roles and responsibilities statement of applicability statement of the organization’s position statement of an issue Question 2 5.00000 out of 5.00000 points In a (n) ____________________, there are policies, standards, baselines, procedures, guidelines, and taxonomy. Selected Answer: IT policy framework Answers: asset management policy IT policy framework control standard risk assessment policy Question 3 5.00000 out of 5.00000 points One example of granularity is a policy that requires an e-mail server to have a specific configuration in order to be considered secure and a server-based monitoring tool that can report the configuration and compliance to the appropriate personnel. In this scenario, the policy is appropriately fine-grained and automates enforcement.
Image of page 1
Selected Answer: True Answers: True False Question 4 0.00000 out of 5.00000 points If a security policy clearly distinguishes the responsibilities of computer services providers from those of the managers of applications who use the computer services, which of the following goals is served? Selected Answer: confidentialit y Answers: accountabilit y confidentialit y scope compliance Question 5 5.00000 out of 5.00000 points It is important to create an IT security program structure that aligns with program and organizational goals and describes the operating and risk environment. Which of the following is one of the important issues for the structure of the information security program? Selected Answer: Management and coordination of security-related resources Answers: Human resources security Management and coordination of security-related resources Access control Asset management Question 6 5.00000 out of 5.00000 points Which of the following statements best captures the role of information security teams in ensuring compliance with laws and regulations? Selected Answer: Information security personnel work with their organizations’ compliance and legal teams to determine violations of an organization’s security policy. Answers: Information security personnel must be trained lawyers, and as
Image of page 2
such they must work with their organizations’ compliance and legal teams to gain an understanding of legal requirements. Information security personnel work with their organizations’ compliance and legal teams to determine whether an organization is violating a law.
Image of page 3
Image of page 4

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture