96%(228)218 out of 228 people found this document helpful
This preview shows page 4 - 7 out of 14 pages.
Question 14 2 out of 2 pointsThe key to security policy is being able to measure compliance against a set of controls. Security controls define___________ you protect the information. The security policies should define ___________ you set the goal.Question 15 0 out of 2 pointsThere are many distinct benefits to control measurement. Which of the following benefits is the result of determining which security controls to measure?
Question 16 2 out of 2 pointsOnce an organization clearly defines its IP, the security policies should specify how to ___________ documents with marks or comments, and ____________ the data, which determines in what location the sensitive file should be placed.Question 17 0 out of 2 pointsWhich of the following security control design types does not prevent incidents or breaches immediately and relies on a human to decide what action to take?Question 18 0 out of 2 pointsWhich of the following statement states the difference between business liability and a business’s legal obligation?Question 19 2 out of 2 pointsA(n) ___________________ is a confirmed event that compromises the confidentiality, integrity, or availability of information.
Question 20 2 out of 2 pointsIn the ISO/IEC 27002 framework, _________________ describes the use and controls related to encryption.Question 21 0 out of 2 pointsThe information security program charter is the capstone document for the information security program. This required document establishes the information security program and its framework. Which of the following components is not defined by this high-level policy?