FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 5: Planning for Security

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 31

Short Answer

Review LaterAdd Note

Review Later

Some policies may need a(n)____________________ indicating their expiration date.

Correct Answer

verified

Show Answer

Question 32

True/False

Review LaterAdd Note

Review Later

Laws are more detailed statements of what must be done to comply with policy._________________________

A) True
B) False

Correct Answer

verified

Show Answer

Question 33

Multiple Choice

Review LaterAdd Note

Security ____ are the areas of trust within which users can freely communicate.

The gateway router can be used as the front-line defense against attacks,as it can be configured to allow only set types of protocols to enter.

A ____ site provides only rudimentary services and facilities.

A(n)contingency plan is prepared by the organization to anticipate,react to,and recover from events that threaten the security of information and information assets in the organization,and,subsequently,to restore the organization to normal modes of business operations._________________________

NIST Special Publication 800-18 Rev.1,The Guide for Developing Security Plans for Federal Information Systems,includes templates for major application security plans.

A(n)____________________ is a plan or course of action that conveys instructions from an organization's senior management to those who make decisions,take actions,and perform other duties.

SP 800-18 Rev.1,The Guide for Developing Security Plans for Federal Information Systems,must be customized to fit the particular needs of a(n)organization._________________________

Informational controls guide the development of education,training,and awareness programs for users,administrators,and management.

The global information security community has universally agreed with the justification for the code of practices as identified in the ISO/IEC 17799.

A managerial guidance SysSP document is created by the IT experts in a company to guide management in the implementation and configuration of technology.

A policy should state that if employees violate a company policy or any law using company technologies,the company will protect them,and the company is liable for the employee's actions.

The policy champion and manager is called the policy ____________________.

An alert ____ is a document containing contact information for the people to be notified in the event of an incident.

Redundancy can be implemented at a number of points throughout the security architecture,such as in ____.

The Security Area Working Group acts as an advisory board for the protocols and areas developed and promoted by the Internet Society and the ____.

A buffer against outside attacks is frequently referred to as a(n) ____.

Evidence is the physical object or documented information that proves an action occurred or identifies the intent of a perpetrator._________________________

What is the purpose of security education,training,and awareness (SETA)?