InfoSec Test 9-10

In a double conversion offline UPS, the primary power source is the inverter, and the power feed from the utility is constantly recharging the battery, which in turn powers the output inverter.

False

In general, the design phase is accomplished by changing the configuration and operation of the organization's information systems to make them more secure.

False

In project planning, the tasks or action steps that come before the specific task at hand are commonly referred to as prerequisites.

False

In the early stages of planning, the project planner should attempt to specify completion dates only for major employees within the project.

False

Vibration detectors measure rates of change in the ambient temperature in the room.

False

Water damage is considered less dangerous to computer systems than hazardous chemicals like Halon.

False

When the lock of a door fails and causes the door to become unlocked, it is classified as a fail-secure lock.

False

When the lock of a door fails and the door remains locked, this is a(n) fail-safe lock.

False

Technology _______ guides how frequently technical systems are updated, and how technical updates are approved and funded.

Governance

Project managers can reduce resistance to change by involving employees in the project plan. In the systems development parts of a project, this is referred to as ________.

JAD

In the ______ UPS, the internal components of the standby models are replaced with a pair of inverters and converters.

Line-interactive

The date for sending the final RFP to vendors is considered a(n) _______, because it signals that all RFP preparation work is complete.

Milestone

In the _____ process, measured results are compared against expected results.

Negative feedback loop

A _______ is usually the best approach to security project implementation.

Phased implementation

________ sensors project and detect an infrared beam across an area.

Photoelectric

In a _______ implementation, the entire security system is put in place in a single office, department, or division before expanding to the rest of the organization.

Pilot

Interior walls only partially reach to the next floor, which leaves a space above the ceiling. This space is called a _______.

Plenum

Physical security is just as important as logical security to an information security program.

True

Planners need to estimate the effort required to complete each task, subtask, or action step.

True

Planning for the implementation phase of a security project requires the creation of a detailed project plan.

True

Smoke detection systems are perhaps the most common means of detecting a potentially dangerous fire, and they are required by building codes in most residential dwellings and commercial buildings.

True

Telecommuters should use a securable operating system that requires password authentication.

True

The budgets of public organizations are usually the product of legislation or public meetings.

True

The bull's-eye model can be used to evaluate the sequence of steps taken to integrate parts of the information security blueprint into a project plan.

True

The effective use of a DMZ is one of the primary methods of securing an organization's networks.

True

The need for qualified, trained, and available personnel constrains the project plan.

True

The online UPS can deliver a constant, smooth, conditioned power stream to computing systems.

True

The optimal time frame for training is usually one to three weeks before the new policies and technologies come online.

True

The primary drawback to the direct changeover approach is that if the new system fails or needs modification, users may be without services while the system's bugs are worked out.

True

The project plan as a whole must describe how to acquire and implement the needed security controls and create a setting in which those controls achieve the desired outcomes.

True

The size of the organization and the normal conduct of business may preclude a large training program on new security procedures or technologies.

True

Unfreezing in the Lewin change model involves thawing hard-and-fast habits and established procedures.

True

Vibration sensors fall into the motion sensor category.

True

Water-based systems are inexpensive, nontoxic, and can often be created by using an existing sprinkler system that may have been present in earlier construction.

True

Weak management support, with overly delegated responsibility and no champion, sentences a project to almost-certain failure.

True

When an estimate is flawed, as when the number of effort-hours required is underestimated, the plan should be corrected and downstream tasks updated to reflect the change.

True

_______ is a simple project management planning tool.

WBS

_______ sprinklers are the newest form of sprinkler systems and rely on ultra-fine mists instead of traditional shower-type systems.

Water mist

The goal of the ______ is to resolve any pending project-related issues, critique the overall effort of the project, and draw conclusions about how to improve the project management process for the future.

Wrap-up

Fire detection systems fall into two general categories: manual and electrical.

False

A proven method for prioritizing a program of complex change is the bull's-eye method.

True

A task or subtask becomes a(n) action step when it can be completed by one individual or skill set and when it includes a single deliverable.

True

A variation of the dry-pipe system is the pre-action system, which has a two-phase response to a fire.

True

An ideal organization fosters resilience to change.

True

Carbon dioxide systems remove a fire's supply of oxygen.

True

Corrective action decisions are usually expressed in terms of trade-offs.

True

Each organization has to determine its own project management methodology for IT and information security projects.

True

For laptops, there are theft alarms made up of a PC card or other device that contains a motion detector.

True

Gaseous emission systems can be used in the suppression of fires.

True

Grounding ensures that the returning flow of current is properly discharged to the ground.

True

Guards can evaluate each situation as it arises and make reasoned responses.

True

In general, ESD damage to chips produces two types of failures: immediate and latent.

True

Keycard readers based on smart cards are often used to secure computer rooms, communications closets, and other restricted areas.

True

Locks can be divided into categories based on the triggering process, including: manual, programmable, electronic, and biometric.

True

Manual fire detection systems include human responses, such as calling the fire department and manually activated alarms.

True

Once a project is underway, it is managed using a process known as gap analysis, which ensures that progress is measured periodically.

True

UPS devices typically have capacities that may run up to _______ VA.

1,000

The Lewin change model includes _______

All of the above

The SecSDLC involves which of the following activities?

All of the above

The _____ layer of the bull's-eye model receives attention last.

Applications

Class ______ fires are extinguished by agents that remove oxygen from the fire.

B

The _____ methodology has been used by many organizations and requires that issues be addressed from the general to the specific, and that the focus be on systematic solutions instead of individual problems.

Bull's-eye

Class ______ fires are safely extinguished with non-conducting agents only.

C

A(n) _______, which is used to justify the project and is typically prepared in the analysis phase of the SecSDLC, must be reviewed and verified prior to the development of the project plan.

CBA

________ sensors, for example, work when a foot steps on a pressure-sensitive pad under a rug, or a window is opened.

Contact and weight

Some cases of ________ are simple, such as requiring employees to begin using a new password on an announced date.

Direct changeover

A ______ system is designed to work in areas where electrical equipment is used. Instead of containing water, the system contains pressurized air.

Dry-pipe

One of the leading causes of damage to sensitive circuitry is _______.

ESD

A common form of mechanical locks are electric strike locks, which (usually) require people to announce themselves before being "buzzed" through a locked door.

False

A direct changeover is also known as going "fast turkey."

False

A gaseous system is designed to apply a liquid, usually water, to all areas in which a fire has been detected.

False

A name badge is an identification card that is typically carried concealed.

False

A wet-pipe system is usually considered appropriate in computer rooms.

False

All organizations should designate a champion from the general management community of interest to supervise the implementation of an information security project plan.

False

Class C fires are those fueled by combustible metals, such as magnesium, lithium, and sodium.

False

Each for-profit organization determines its capital budget and the rules for managing capital spending and expenses the same way.

False

Every organization needs to develop an information security department or program of its own.

False

Mechanical locks can accept a variety of inputs as keys, including magnetic strips on ID cards, radio signals from name badges, personal identification numbers (PINs) typed into a keypad, or some combination of these to activate an electrically powered servo to unlock the mechanism.

False

Most information security projects require a trained project developer.

False

Planning for the implementation phase requires the creation of a detailed request for proposal, which is often assigned either to a project manager or the project champion.

False

Standby power supply (SPS) UPSs provide power conditioning.

False

Static electricity is not noticeable to humans until levels approach 150 volts.

False

The RFP determines the impact that a specific technology or approach can have on the organization's information assets and what it may cost.

False

The capacity of UPS devices is measured using the voltage output rating.

False

The first step in the work breakdown structure (WBS) approach encompasses activities, but not deliverables.

False

The networks layer of the bull's-eye is the outermost ring of the bull's eye.

False

The parallel operations strategy works well when an isolated group can serve as a test area, which prevents any problems with the new system from dramatically interfering with the performance of the organization as a whole.

False

The security systems implementation life cycle involves collecting information about an organization's objective, its technical architecture, and its information security environment.

False

The work breakdown structure (WBS) can be prepared with a simple desktop PC word processing program.

False

There are three methods of data interception: direct observation, interception of data transmission, and mechanical interception.

False

There are very few qualified and professional agencies that provide physical security consulting and services.

False

The _______ level of the bull's-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate; it enables all other information security components to function correctly.

Policies

By managing the _____, the organization can reduce unintended consequences by having a process to resolve potential conflict and disruption that uncoordinated change can introduce.

Process of change

_______ locks can be changed after they are put in service, allowing for combination or key changes without a locksmith and even allowing the owner to change to another access method (key or combination) to upgrade security.

Programmable

If the task is to write firewall specifications for the preparation of a(n) _______, the planner would note that the deliverable is a specification document suitable for distribution to vendors.

RFP

In the ________ approach, the sensor detects an unusually rapid increase in the area temperature within a relatively short period of time.

Rate-of-rise

Many public organizations must spend all budgeted funds within the fiscal year - otherwise, the subsequent year's budget is _______.

Reduced by the unspent amount.

______ involves a wide variety of computing sites outside the organization's primary facility and includes all forms of telecommuting.

Remote site computing

Most guards have clear _______ that help them to act decisively in unfamiliar situations.

SOPs

Tasks or action steps that come after the task at hand are called ______.

Successors

The _______ layer of the bull's-eye model includes computers used as servers, desktop computers, and systems used for process control and manufacturing systems.

Systems

_______ occurs when an authorized person opens a door, and other people, who may or may not be authorized, also enter.

Tailgating

The most sophisticated locks are ______ locks.

biometric

Videoconferencing is off-site computing that uses Internet connections, dial-up connections, connections over leased point-to-point links between offices, and other mechanisms.

false

