CYB 260 5-1 Reading Quiz
School: Southern New Hampshire University
Course: 260
Subject: Information Systems
Date: Apr 3, 2024
Type: docx
Pages: 6
Uploaded by salarid

Question 1 (1/1 point)
Which of the following are characteristics of procedures?
( ) Broad scope, address whole organization, very rarely change
( ) Support high-level policies, set minimum standards of behavior
( ) Very rarely change, set forth general expectations
(x) Step-by-step checklists, explain how to meet security goals, be flexible and change as technology changes

Question 2 (1/1 point)
What kind of policy would contain a no-retaliation element?
( ) Acceptable use
(x) Anti-harassment
( ) Intellectual property
( ) Authentication

Question 3 (1/1 point)
Which law requires each federal agency to develop an information security program?
( ) GLBA
( ) HIPAA
(x) FISMA
( ) FERPA

Question 4 (1/1 point)
Which role identifies the person in an organization who has the senior-most role in protecting information security?
(x) CISO
( ) CFO
( ) CIO
( ) CTO

Question 5 (1/1 point)
A formal __________ is executive management's high-level statement of information security direction and goals.
(x) Policy
( ) Standard
( ) Guideline
( ) Procedure

Question 6 (1/1 point)
Many organizations have a(n) __________, which consists of end-user devices (including tablets, laptops, and smartphones) on a shared network that use distributed system software; this enables these devices to function simultaneously, regardless of location.
( ) Agent
(x) Distributed infrastructure
( ) Executive management sponsorship
( ) Agentless central management tool

Question 7 (1/1 point)
Which of the following describes a centrally located device that is capable and permitted to extend and connect to distributed services?
( ) Inventory assessment
(x) Agentless central management tool
( ) Distributed infrastructure
( ) Malware tool

Question 8 (1/1 point)
Which of the following is not one of the outcomes of a wide acceptance of security awareness among employees?
( ) When employees understand the relationship between their policies and their work, they are inclined to consider them worthwhile.
(x) Employees who have accepted security policies distinguish themselves from others in the organizational culture.
( ) Wide acceptance of security policies results in fewer security incidents.
( ) Employees are more inclined to accept what they understand.

Question 9 (1/1 point)
Which of the following is a technological term used in security policy to describe a future state in which specific goals and objectives have been achieved and which processes, resources, and tools are needed to achieve those goals and objectives?
( ) Threat vector
( ) Communications plan
( ) Agent profile
(x) Target state

Question 10 (0/1 point)
Which of the following illustrates an ideal time to implement security policies in order to gain the maximum level of organizational commitment?
( ) The policies should be implemented following a new product launch.
( ) The policies should be implemented at the same time of a new product launch.
( ) The policies should be implemented to coincide with audit findings in order to minimize security risks.
(x) The policies should be implemented at the same time the new customer service policies are introduced.

Question 1 (1/1 point)
Which of the following would not appear in an IT acceptable use policy (AUP)?
( ) Email
(x) Data retention
( ) File sharing
( ) Nonbusiness internet use

Question 2 (1/1 point)
Which of the following gives a justification for why a policy exists, including the legal or regulatory justification for the policy, which might be drafted in response to information security threats?
( ) Policy history
( ) Policy definitions
(x) Policy rationale
( ) Policy exclusions

Question 3 (1/1 point)
Which of the following information security assurance documents is the most flexible?
( ) Policy
( ) Procedure
(x) Guideline
( ) Standard

Question 4 (1/1 point)
Which of the following steps occurs before any of the others in a formal policy development process?
( ) Management approval
(x) Stakeholder review
( ) Documentation of compliance or exceptions
( ) Maintenance and review

Question 5 (1/1 point)
What type of standard states a minimum level of behavior or actions that must be met to comply with a policy?
( ) Minimal
( ) Safeguard
( ) Procedural
(x) Baseline

Question 6 (1/1 point)
The scope of security awareness training must be customized based on the type of user assigned to each role in an organization. For instance, it is important that __________ receives training in security basic requirements, regulatory and legal requirements, detail policy review, and reporting suspicious activity.
(x) Middle management
( ) The IT custodian
( ) Senior management
( ) The end user

Question 7 (1/1 point)
In order to build security policy implementation awareness across the organization, there should be __________ who partner with other teams and departments to promote IT security through different communication channels.
(x) Multiple executive supporters
( ) Numerous marketing department professionals
( ) Several IT department specialists
( ) Many HR department personnel

Question 8 (1/1 point)
Which statement describes the most important reason to solicit feedback from people who have completed security awareness training?
(x) It helps discern that attendees can demonstrate knowledge gained through training.
( ) It is important for the purposes of trainer evaluation, education, and development.
( ) It is important to confirm that attendees are memorizing the training material.
( ) It is necessary to have a record of all attendees for the purposes of performance review.

Question 9 (1/1 point)
The goal of employee awareness and training is to ensure that individuals are equipped with the tools necessary for the implementation of security policies. Which of the following is one of the other benefits of a successfully enacted training and awareness program?
( ) Employees will have improved job security.
(x) Instituting chances for employees to gather new skills will foster enhanced job satisfaction.
( ) Management will have more control over employees.
( ) Employees will be easier to discipline.

Question 10 (1/1 point)
When a CISO is seeking executive buy-in for implementing security policies with respect to a target state, the dialogue should make certain to address each of the following except
( ) What risks are specifically addressed by the policy
( ) The degree of commitment being solicited of the executive and his or her team
( ) How the policies will impact the present environment
(x) The names of the team members who were consulted to create the policy