Implementing security policies is easier if you manage it from a change model

Implementing security policies is easier if you

This preview shows page 9 - 13 out of 21 pages.

QUESTION 201.Implementing security policies is easier if you manage it from a changemodel perspective. The first step of this model is to create urgency. Who is responsible for conveying urgency to business leaders?chief information security officer A.B.chief information officerC.chief finance officerD.chief technology officer QUESTION 211._________________describes how to design and implement an information security governance structure, whereas __________________ describes security aspects for employees joining, moving within, or leaving an organization. QUESTION 221.When implementing a framework, the two main considerations for implementation are _____________ and _____________.
Image of page 9
QUESTION 231.Policies and standards are a collection of concrete definitions that describe acceptable and unacceptable human behavior. The questions related to_______________ are more appropriate for procedures or guidelines than policies or standards, which require detail that is more at the level of________________. QUESTION 241.Security controls are measures taken to protect systems from attacks on the integrity, confidentiality, and availability of the system. If a potential employee is required to undergo a drug screening, which of the following controls is being conducted? A.preventive security controlsB.technical security controls
Image of page 10
C.physical security controlsD.administrative controls QUESTION 251.Policy and standards often change as a result of business drivers. One such driver, known as ___________________, occurs when business shifts and new systems or processes are incorporated; these business shifts and new systems and processes may differ from what a standard or policy requires. QUESTION 261.A(n) __________________ is a term used to indicate any unwanted event that takes places outside the normal daily security operations. This type of event relates to a breakdown in controls as identified by the security policies.
Image of page 11
Image of page 12
Image of page 13

You've reached the end of your free preview.

Want to read all 21 pages?

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture