100%(1)1 out of 1 people found this document helpful
This preview shows page 1 - 4 out of 14 pages.
10/27/2019Review Test Submission: Mid-Term CS – Fall 2019 - ...;1/14ContentWeek 9Review Test Submission: Mid-Term CSHReview Test Submission: Mid-Term CSReview Test Submission: Mid-Term CSUserVignan DundangiCourseFall 2019 - Operations Security (ISOL-631-40) (ISOL-631-42) - Combined - Full TermTestMid-Term CSStarted10/27/19 10:18 AMSubmitted10/27/19 11:06 AMDue Date10/27/19 11:59 PMStatusCompletedAttemptScore96 out of 100 points TimeElapsed47 minutes out of 3 hoursResultsDisplayedSubmitted AnswersQuestion 1SelectedAnswer:It is important to create an IT security programstructure that aligns with program and organizationalgoals and describes the operating and riskenvironment. Which of the following is one of theimportant issues for the structure of the informationsecurity program?Management and coordination ofsecurity-related resourcesQuestion 2Because it takes time to change an organization’sculture, the ISO must continually monitor securitypolicy compliance. The ISO reports to leadership onthe current effectiveness of the security policies andwill also have to ask the business to accept anyresidual risk or come up with a way to reduce it.HomeCourses2 out of 2 points2 out of 2 pointsVignan Dundangi14
10/27/2019Review Test Submission: Mid-Term CS – Fall 2019 - ...;2/14Selected Answer:TrueQuestion 3Selected Answer:FalseIn an attribute based access control (ABAC) model,roles assigned are static, whereas in a role basedaccess control (RBAC), roles are built moredynamically.Question 4SelectedAnswer:Although an organization’s list of stakeholders willvary depending on the policy being implemented,there are stakeholders who can be seen commonlyacross organizations. What is the key focus ofstakeholders in information security?protection of the company and thecustomerQuestion 5SelectedAnswer:Apathy can have detrimental effects on informationsecurity. Engaged communicationis one strategythat can be implemented to overcome the effects ofapathy. Which of the following statements furtherelaborates this strategy?Adjust the implementation strategy tobetter explain the importance of the policywithin the context of the individual role.Question 6Selected Answer:FalseIn the COBIT Build, Acquire, and Implementdomain, the staff tunes the environment to minimizerisks and collects lessons learned.2 out of 2 points2 out of 2 points2 out of 2 points2 out of 2 points
10/27/2019Review Test Submission: Mid-Term CS – Fall 2019 - ...;3/14Question 7SelectedAnswer:Which of the following is one of the challenges ofthe Sarbanes-Oxley (SOX) Act?