Question

(TCO 1) Why is it important to prepare written policies?

Question 2 (4 pts)

(TCO 2) The goal of protecting confidentiality is to

Question 3 (4 pts)

(TCO 1) The disciplinary process indicated in an information security policy enforcement clause usually includes which of the following most severe punishments?

Question 4 (4 pts)

(TCO 2) Which of the following is the best example of an acceptable password?

Question 5 (4 pts)

(TCO 1) Which is the best way to foster acceptance of a new policy?

Question 6 (4 pts)

(TCO 2) What is a valid definition of data integrity?

Question 7 (4 pts)

(TCO 1) Which is the preferred approach to organizing information security policies, procedures, standards, and guidelines?

Question 8 (4 pts)

(TCO 2) Match the following ISO 17799:2000 domains to their definitions.

Domains to match:
Security policy
Organizational security
Asset classification and control
Personnel security
Physical and environmental security

Definitions to choose from:
Involves creating an inventory of all data and data systems
Implement controls for secure hiring and termination of staff
Establish and support a management framework for information security
Design and maintenance of a secure environment to prevent damage and unauthorized access to the business premises
Provides direction and support for the information security program

Question 9 (4 pts)

(TCO 1) Which of the following best describes how policy exception requests should be handled?

Question 10 (4 pts)

(TCO 2) An employee accidentally makes changes to a company-owned file. This is known as a violation of

Question 11 (4 pts)

(TCO 1) Why is it important to remind people about best practice information security behaviors?

Question 12 (4 pts)

(TCO 2) The ISO standard known as Managing Organizational Security includes several categories. Which of the following is NOT one of them?

Question 13 (4 pts)

(TCO 1) Who should issue the statement of authority?

Question 14 (4 pts)

(TCO 2) Data availability is the assurance that

Question 15 (4 pts)

(TCO 1) Which of the following is an important function of the statement of authority?

It lets the policies be communicated more easily.

Explanation / Answer

1. Why is it important to prepare written policies?
a) It is required by law

2. The goal of protecting confidentiality is to?
a) Prevent the unauthorized disclosure of sensitive information.

3. The disciplinary process indicated in an information security policy enforcement clause usually includes which of the following most severe punishments?
a) Dismissal or criminal prosecution

4. Which of the following is the best example of an acceptable password?
a) T0yot@tRuck

5. Which is the best way to foster acceptance of a new policy?
a) Ensure it is detailed enough that everyone will understand it.

6. What is a valid definition of data integrity?
a) The knowledge that the data are transmitted in ciphertext only

7. Which is the preferred approach to organizing information security policies, procedures, standards, and guidelines?
a) Keep the policy documents separate from the procedures, standards, and guidelines.

9. Which of the following best describes how policy exception requests should be handled?
a) Requestors should always receive a response to any request, whether approved or not.

10. An employee accidentally makes changes to a company-owned file. This is known as a violation of
a) data integrity.

11. Why is it important to remind people about best practice information security behaviors?
a) This approach is a mandatory requirement of information security policies.

12. The ISO standard known as Managing Organizational Security includes several categories. Which of the following is NOT one of them?
a) Information Security Infrastructure

13. Who should issue the statement of authority?
a) The CEO, president, or chairman of the board

14. Data availability is the assurance that
a) only authorized users will gain access to a resource.

15. Which of the following is an important function of the statement of authority?
a) It references standards, guidelines, and procedures that the reader can consult for clarification of the policy.