Assignment05

Assignment05 - Management of Information Security, 2nd ed....

Management of Information Security, 2nd ed.

John Moura

Chapter 5: Developing the Security Program

Review Questions

1. What is an information security program?
Answer: An information security program is the structure and organization of the effort that contains risks to the information assets of the organization.

2. What functions constitute a complete information security program?
Answer: Risk Management, Risk Assessment, Systems Testing, Policy, Legal Assessment, Incident Response, Planning, Measurement, Compliance, Centralized Authentication, Systems Security Administration, Training, Network Security Administration, Vulnerability Assessment.

3. What organizational variables can influence the size and composition of an information security program's staff?
Answer: Budget, sensitivity of information, regulations, and profitability

4. What is the typical size of the security staff in a small organization? A medium-sized organization? A large organization? A very large organization?
Answer:
Small – 1 full-time, with 1 or 2 assistants.
Medium – 1 full-time, with 2 or 3 assistants.
Large – 1-2 full-time admins, 3-4 techs, 16 assistants
Very Large – 20 full-time, 40 assistants

5. Where can an organization place the information security unit? Where should (and shouldn't) it be placed?
Answer: InfoSec is often located within the information technology department, headed

This homework help was uploaded on 04/06/2008 for the course 547 471 taught by Professor Binde during the Spring '07 term at Rutgers.
