User: Ubeda Sawda
Course: 2018_SPR_IG_Operations Security_01_20_21_COMBINED
Test: Quiz #3
Started: 1/23/18 6:37 PM
Submitted: 1/23/18 8:31 PM
Due Date: 1/28/18 11:59 PM
Status: Completed
Attempt Score: 90.00000 out of 100.00000 points
Time Elapsed: 1 hour, 54 minutes
Results Displayed: All Answers, Submitted Answers, Correct Answers

Question 1
5.00000 out of 5.00000 points
In an issue-specific standard, the ___________________________ section defines a security issue and any relevant terms, distinctions, and conditions.
Selected Answer: statement of an issue
Answers:
  definition of roles and responsibilities
  statement of applicability
  statement of the organization’s position
  statement of an issue

Question 2
5.00000 out of 5.00000 points
In a(n) ____________________, there are policies, standards, baselines, procedures, guidelines, and taxonomy.
Selected Answer: IT policy framework
Answers:
  asset management policy
  IT policy framework
  control standard
  risk assessment policy

Question 3
5.00000 out of 5.00000 points
One example of granularity is a policy that requires an e-mail server to have a specific configuration in order to be considered secure and a server-based monitoring tool that can report the configuration and compliance to the appropriate personnel. In this scenario, the policy is appropriately fine-grained and automates enforcement.
Selected Answer: True
Answers:
  True
  False

Question 4
0.00000 out of 5.00000 points
If a security policy clearly distinguishes the responsibilities of computer services providers from those of the managers of applications who use the computer services, which of the following goals is served?
Selected Answer: confidentiality
Answers:
  accountability
  confidentiality
  scope
  compliance

Question 5
5.00000 out of 5.00000 points
It is important to create an IT security program structure that aligns with program and organizational goals and describes the operating and risk environment. Which of the following is one of the important issues for the structure of the information security program?
Selected Answer: Management and coordination of security-related resources
Answers:
  Human resources security
  Management and coordination of security-related resources
  Access control
  Asset management

Question 6
5.00000 out of 5.00000 points
Which of the following statements best captures the role of information security teams in ensuring compliance with laws and regulations?
Selected Answer: Information security personnel work with their organizations’ compliance and legal teams to determine violations of an organization’s security policy.
Answers:
  Information security personnel must be trained lawyers, and as such they must work with their organizations’ compliance and legal teams to gain an understanding of legal requirements.
  Information security personnel work with their organizations’ compliance and legal teams to determine whether an organization is violating a law.