A risk assessment is performed during which phase of

This preview shows page 3 - 6 out of 8 pages.

The document you are viewing contains questions related to this textbook.
Guide To Computer Forensics and Investigations
Chapter 14 / Exercise 1
Nelson/Phillips
18. A risk assessment is performed during which phase of the SecSDLC?
a. implementation
b. analysis
c. design
d. investigation
ANS: B
PTS: 1  REF: 145

19. Which individual is responsible for the creation, revision, distribution, and storage of the policy?
PTS: 1  REF: 154

20. When an organization demonstrates that it is continuously attempting to meet the requirements of the market in which it operates, what is it ensuring?
PTS: 1  REF: 155

COMPLETION

1. In the bull’s-eye model, the ____________________ layer is the place where threats from public networks meet the organization’s networking infrastructure.
PTS: 1  REF: 126

2. The three types of information security policies include the enterprise information security policy, the issue-specific security policy, and the ____________________ security policy.
PTS: 1  REF: 128

3. The responsibilities of both the users and the systems administrators with regard to specific technology rules should be specified in the ____________________ section of the ISSP.
PTS: 1  REF: 137

4. ____________________ include the user access lists, matrices, and capability tables that govern the rights and privileges of users.
PTS: 1  REF: 141

5. A(n) ____________________, which is usually presented on a screen to the user during software installation, spells out fair and responsible use of the software being installed.
PTS: 1  REF: 146

6. The champion and manager of the information security policy is called the ____________________.
PTS: 1  REF: 154

MATCHING

a. capability table
b. statement of purpose
c. Bull’s eye model
d. SysSP
e. procedures
f. InfoSec policy
g. standard
h. EISP
i. Systems Management
j. ISSP

1. methods or processes, usually detailed, put in place by an organization in order to accomplish its objectives
2. a detailed statement of what employees of an organization must do to comply with a policy
3. information security issues are addressed from the general to the specific
4. a program that addresses specific areas of technology and contains a statement on the organization’s position on each
5. the set of organizational guidelines that describe acceptable and unacceptable behaviors of employees in the workplace
6. a policy document that establishes the strategic direction, scope, and tone for all of an organization’s security efforts
7. answers the question “who is responsible and accountable for policy implementation?”
8. should specify users’ and systems administrators’ responsibilities
9. specifies which subjects and objects that users or groups can access
10. could include a statement of managerial intent and an access control list

1. ANS: E
PTS: 1  REF: 128
PTS: 1  REF: 128
PTS: 1  REF: 126
PTS: 1  REF: 134
PTS: 1  REF: 125
PTS: 1  REF: 129
PTS: 1  REF: 135
PTS: 1  REF: 137
PTS: 1  REF: 141
PTS: 1  REF: 138

SHORT ANSWER

1.
