Which of the following is the first phase in the NIST

15. Which of the following is the first phase in the NIST process for performance measurement implementation?
a. Develop the business case
b. Obtain resources
c. Prepare for data collection
d. Identify corrective actions
ANS: C
PTS: 1 REF: 266

16. Which of the following is the last phase in the NIST process for performance measures implementation?
PTS: 1 REF: 266
17. In security management, which of the following is issued by a management official and serves as a means of assuring that systems are of adequate quality?
PTS: 1 REF: 268

18. Which of the following is Tier 3 (indicating tactical risk) of the tiered risk management approach?
PTS: 1 REF: 270

19. According to NIST SP 800-37, which of the following is the first step in the security controls selection process?
a. categorize the information system and the information processed
b. select an initial set of baseline security controls
c. assess the security controls using appropriate assessment procedures
d. authorize information system operation based on risk determination
ANS: A
PTS: 1 REF: 270

20. The Authorize step of the NIST six-step approach to the risk management framework involves all but which of the following tasks?
PTS: 1 REF: 273

COMPLETION

1. Best security practices balance the need for user _____________ to information with the need for adequate protection while simultaneously demonstrating fiscal responsibility.
PTS: 1 REF: 249

2. A practice related to benchmarking is ____________, which is a measurement against a prior assessment or an internal goal.
PTS: 1 REF: 254

3. ____________________ encompasses a requirement that the implemented standards continue to provide the required level of protection.
PTS: 1 REF: 249

4. A goal of 100 percent employee InfoSec training as an objective for the training program is an example of a performance __________.
PTS: 1 REF: 261

5. The last phase in the NIST performance measures implementation process is to apply ______________ actions which closes the gap found in Phase 2.
PTS: 1 REF: 266

MATCHING

a. accreditation
b. baseline
c. benchmarking
d. certification
e. due diligence
f. gold standard
g. recommended business practices
h. standard of due care
i. best security practices
j. NIST SP 800-37

1. the actions that demonstrate that an organization has made a valid effort to protect others
2. authorization of an IT system to process, store, or transmit information
3. adopting minimum levels of security to establish a future legal defense
4. a model level of performance that demonstrates industrial leadership, quality, and concern for the protection of information
5.
