Management Of Information Security
6th Edition
ISBN: 9781337405713
Author: WHITMAN, Michael.
Publisher: Cengage Learning,
expand_more
expand_more
format_list_bulleted
Concept explainers
Question
Chapter 9, Problem 2EDM
Program Plan Intro
Information security is the protection of information in the organization; it helps to manage data access, web-browsing behaviors, passwords usage and encryption, email attachments, etc.
- It is designed to provide structure in the workplace, create a productive and effective work place.
- It is free from unnecessary distractions.
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solutionStudents have asked these similar questions
Based on your reading of the chapter and what you now know about the issues, list at least three other things Charley could recommend to Iris.
Is information security policy considered static or dynamic? Why do you think this scenario will turn out the way it does?
Susan is the lead investigator for a security incident and realizes that she will not be able to complete her investigation without causing severe disruption to the business. The action she feels she must take exceedsthe authority granted to her under the incident response plan. What should Susan do?
a)Shut down all business operations immediately until she develops a plan
b)Take the action immediately to protect the business
c)Discount the action as a possibility because it exceeds her authority
d)Consult with higher levels of management
Chapter 9 Solutions
Management Of Information Security
Ch. 9 - Prob. 1RQCh. 9 - Prob. 2RQCh. 9 - Prob. 3RQCh. 9 - Prob. 4RQCh. 9 - Prob. 5RQCh. 9 - Prob. 6RQCh. 9 - Prob. 7RQCh. 9 - Prob. 8RQCh. 9 - Prob. 9RQCh. 9 - Prob. 10RQ
Ch. 9 - Prob. 11RQCh. 9 - What is a performance target, and how is it used...Ch. 9 - List and describe the fields found in a properly...Ch. 9 - Prob. 14RQCh. 9 - Prob. 15RQCh. 9 - Prob. 16RQCh. 9 - Prob. 17RQCh. 9 - Prob. 18RQCh. 9 - Prob. 19RQCh. 9 - Prob. 20RQCh. 9 - Prob. 1ECh. 9 - Prob. 3ECh. 9 - Prob. 4ECh. 9 - Prob. 1DQCh. 9 - Prob. 2DQCh. 9 - Prob. 1EDMCh. 9 - Prob. 2EDMCh. 9 - Prob. 3EDM
Knowledge Booster
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.Similar questions
- Where in a business do you think the responsibility for information security starts and ends? The organization's control decides when security policies and measures go into effect and when they go out of effect, respectively. Do you believe any of these limits should be further widened or widened? If that's the case, how did you go about it? If that's not the case, what's going on?arrow_forwardWhat is the SANS organization's declared mission? What function does it play in the certification process for information security professionals?arrow_forwardWhere do you believe the responsibility for information security begins and ends in a company? In order to know when security policies and procedures become active and inactive, we must know how much control the organization has over those times. Perceived or actual, do you think any of these boundaries will be increased in size? If this is the case, tell us how and why you went about it. If this isn't the case, why is that?arrow_forward
- After reading the case presented in the module, write a short response to the following discussion questions and ethical decision making scenario. Discussion Questions Before the discussion at the start of this chapter, how do Fred, Gladys, and Charlie each perceive the scope and scale of the new information security effort? Did Fred’s perception change after that? How should Fred measure success when he evaluates Gladys’ performance for this project? How should he evaluate Charlie’s performance? Which of the threats discussed in this chapter should receive Charlie’s attention early in his planning process?arrow_forwardWhat is the main distinction between the top-down and bottom-up approaches to the protection of confidential information? Why is the strategy that works from the top down more effective than the one that works from the bottom up?arrow_forwardCan the security industry teach us anything in our responsibilities as national and international practitioners of security?arrow_forward
- Make a compelling case in your own words for and against the benefits and drawbacks of a division of duties in an organization's information security strategy, based on your own professional experience?arrow_forwardIris called the company’s security hotline. The hotline is an anonymous way to report suspicious activity or abuse of company policy, although Iris chose to identify herself. The next morning, she was called to a meeting with an investigator from corporate security, which led to more meetings with others from corporate security and then with the director of human resources and Gladys Williams, the CIO of SLS. Should Iris have approached Henry directly, or was the hotline the most effective way to take action? Why do you think so?arrow_forwardWhere does an organization's information security begin and finish, in your opinion? To put it another way, when does a company's security policy and measures go into action, and when do they stop? Do you think any of these restrictions will be lifted in the future? Explain how and why if this is the case. What would be the cause if not?arrow_forward
- Who should lead a security team? Should the approach to security be more managerial or technical? Provide justificationarrow_forwardIf you were asked by your employer to develop a new Information Security Policy, where would you turn to find resources to build this policy? List the two most important items you would include in this new policy and explain why you felt these were most important.arrow_forwardWhen we speak of physical security, what precisely do we mean, and how does it stack up against other types of safety? In today's world, what dangers pose the greatest risk to a person's physical well-being? How do they get their name out there, and what form do their structural criticisms of the organization take?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning