1)
1)
_______
A) Transmitted
B) Stored
C) Processed
D) Factored
2)
Why is it important to consistently enforce policy, and not "go easy on someone"?
2)
_______ A)
Tl P hor o ega li ni c w i za etio ln f is am r or ee im opo f rta nt t th han eth e oin vdi evi r du aal' ls
Playing favorites D)
creates resentment
It is easier to 3)
defend in court
Which of the following is LEAST likely to lead to employees accepting and following policy?
3)
_______ A)
Consistently D)
enforce policies
Make policy 4)
4)
_______ A)
This helps to D)
ensure consistency
It is required by 5)
law
5)
_______ A)
It is part of their 6)
job
When should information security policies, procedures, standards, and guidelines be revisited?
6)
_______ A)
N A nnually wr eitt ven ean rd ; pu bli osh ned c, eth ey tm hus et ybe ad ahe r re ed to
When dictated by 7)
change drivers
7)
_______ A)
Involve people in D)
Give everyone a 8)
8)
_______ A)
W L eness, ici hes a and the eco c lack of nnfl k awaren ict o ess t wi f about w a the th oea w lack of ch a awaren pot r ess ohe lr
Screened-subnet D)
firewall
9)
Which is the preferred approach to organizing information security policies, procedures, standards, and guidelines?
9)
_______ A)
Kse C ne epa o standar eratm ds and pe b guideli fro i nes tm hth ee pr poc oed l ur i es c, yst an dda ord cs, uan m d egu nid t eli sne s
Combine policies D)
and procedures
separate
10)
10)
______ A)
Hns T banks emu h posses ast e s can l saf i be t egun identif hard f iable pri o and c vat r whole ae min r heaa regard elth t to any car i custo oe o mer r infon grm aati non i fro zm adis t clo i sur oe
Businesses need D)
It protects banks
11)
11)
______ A)
I evo C ith the m cati o critical m on mity of eof minform dall e ation i use n the ar s policy t pri u was evile r writte ges a n to r t protec et w
including, termination
Violations should
12)
12)
______ A)
S onl T tive oy h leader m be e ship eem mstyle, t plo o especi hyed s ally in i wh t relatio nen e n to ginfof inform rm f ation t ati e securit hon c y asec t urit y s poli hcie os uare l ne dw
The same as D)
Ineffective in a
high-tech company
13)
Why is it important to remind people about best practice information security behaviors?
13)
______ A)
I are R nforce t aw e their are mknowl etha i edge, nt n and s ma d help unage them r em r better eent s unders s is r tand wat e expect t chi i ations hng ethe ym
Reminders are the least expensive way to ensure compliance with policies
14)
Which is the worst that may happen if information security policies are out of date, or address technologies no longer used in the organization?
14)
______ A)
Eana T y may xge h incur eme e unnec c nt c essary uma o costs t y mto i bec p chang vom a e ee n them ups m et
15)
15)
______ A)
Alect A mana c the p geme c cur p nt, uren r and r t o unders atec v tood t hnoe by elog d everyo l y b ne yenv y iro r nm eent f
Secure and protect assets from foreseeable harm, and provide flexibility for the unforeseen D)
Comply with
16)
Which part of the U.S. Constitution is analogous to the first approved version of a new information security policy?
16)
______ A)
Articles
B) The
Torah
Amendments
D) The
Bill of
17)
In what way are the Torah and the U.S. Constitution like information security policies?
17)
______ A)
They include D)
business rules
They contain
18)
18)
______ A)
Wm S tealing i ay t ado hpt oco um t mo n c beh oavi m ors m and ocho nice s r tha ut l ma eke s the , ove rall pgro eup oles ps l sta eble
The behavior of D)
people in power
People tend to
SHORT ANSWER. Write the word or phrase that best completes each statement or answers the question.
19)
An information security ________ exists when users share account names and passwords with each other.
19)
______ _______
20)
An organization which does not enforce policy is said to have ________ policies.
20)
______ _______
21)
The ________ are either elected or chosen to direct the affairs of a corporation, and are responsible for providing oversight of the information security program.
21)
______ _______
22)
According to HIPAA, private health care information must remain protected from damage, misuse, and ________.
22)
______ _______
23)
The U.S. Constitution's ________ are the built-in framework that makes it possible to change the document, while still adhering to its original intent.
23)
______ _______
24)
Match each role with its responsibilities to the right:
I. Board of Directors
II. Information Owner
III. Data Custodian
IV. ISO
V. Internal Auditor
A. Ensure that information security controls are functioning as intended
B. Approve written information security policies
C. Establish the controls that provide information security
D. Process and store information
E. Administer the information security function
24)
______ _______
25)
Match the following terms to their meanings:
I. Foreign Policy
II. Law
III. Policy Area
IV. Penalty
V. Education Policy
A. Policy adopted by society through legislative means to govern its people
B. Civil or criminal; imposed for violations
C. A general topic, which relates to specific behavior and expectations
D. Standards for public and private education
E. Ways and means for one nation to deal with another
25)
______ _______
1) D
2) A
3) D
4) C
5) C
6) D
7) C
8) B
9) A
10) B
11) B
12) B
13) B
14) D
15) C
16) A
17) B
18) A
19) gap
20)
BCD EA
25) EAC BD