IS456 Ch.13&15

¡Supera tus tareas y exámenes ahora con Quizwiz!

Personally owned devices

A security awareness program that focuses on an organization's Bring Your Own Device (BYOD) policy is designed to cover the use of what type of equipment?

False

Symantec offers vendor-neutral certifications as well as certifications for its product lines.

True

A common method for identifying what skills a security professional possesses is his or her level of certification.

True

A GIAC credential holder may submit a technical paper that covers an important area of information security. If the paper is accepted, it adds the Gold credential to the base GIAC credential.

Certified Secure Software Lifecycle Professional (CSSLP)

Colin is a software developer. He would like to earn a credential that demonstrates to employers that he is well educated on software security issues. What certification would be most suitable for this purpose?

True

CompTIA Security+ is an entry-level security certification.

True

The (ISC)2 Systems Security Certified Practitioner (SSCP) credential covers the seven domains of best practices for information security.

False

The Certified Secure Software Lifecycle Professional (CSSLP) credential measures the knowledge and skills necessary for professionals involved in the process of authorizing and maintaining information systems.

True

The HealthCare Certified Information Security and Privacy Practitioner (HCISPP) credential recognizes the knowledge and skills necessary to perform and conduct security and privacy work for health care organizations.

False

The ISACA Certified in Risk and Information Systems Control (CRISC) certification targets security professionals who ensure that their organization satisfies IT governance requirements.

Annually

Donna is building a security awareness program designed to meet the requirements of the Payment Card Industry Data Security Standard (PCI DSS) 3.2. How often must she conduct training for all current employees?

International Council of E-Commerce Consultants (EC-Council)

Fran is interested in learning more about the popular Certified Ethical Hacker (CEH) credential. What organization should she contact?

8

How many domains of knowledge are covered by the Certified Information Systems Security Professional (CISSP) exam?

Four

How many years of post-secondary education are typically required to earn a bachelor's degree in a non-accelerated program?

Two

How many years of specialized experience are required to earn one of the Certified Information Systems Security Professional (CISSP) concentrations?

False

Information Systems Security Certification Consortium, Inc. (ISC)2 is the baseline for federal and DoD work-role definitions.

Certified Information Systems Auditor (CISA)

What certification focuses on information systems audit, control, and security professionals?

Associate's degree

What level of academic degree requires the shortest period of time to earn and does NOT require any other postsecondary degree as a prerequisite?

ISACA

What organization offers a variety of security certifications that are focused on the requirements of auditors?

Zero-day

What type of malware does NOT have an anti-malware solution and should be covered in security awareness training?

Education

What type of security communication effort focuses on a common body of knowledge?

Senior System Manager

What type of security role is covered by the Committee on National Security Systems (CNSS) Training Standard CNSS-4012?

Risk Analysts

What type of security role is covered by the Committee on National Security Systems (CNSS) Training Standard CNSS-4016?

MBA

Which of the following graduate degree programs focuses on managing the process of securing information systems, rather than the technical aspects of information security?

Self-study programs

Which of the following study options provides little to no opportunity for feedback?

True

Certified Internet Webmaster (CIW) offers several credentials that focus on both general and web-related security.

Accredited

________ refers to a program of study approved by the State Department of Education in the state that a school operates.

Awareness

__________ is a continuous process designed to keep all personnel vigilant.

True

A certification is an official statement that validates that a person has satisfied specific job requirements.

False

DoD Directive 8570.01 is a voluntary certification requirement.

True

DoD and NSA have adopted several training standards to serve as a pathway to satisfy Directive 8140. Although they are called standards, they are really training requirements for specific job responsibilities.

False

The CISSP-ISSEP concentration requires that a candidate demonstrate two years of professional experience in the area of architecture.

CCSA

Jim is an experienced security professional who recently accepted a position in an organization that uses Check Point firewalls. What certification can Jim earn to demonstrate his ability to administer these devices?

GIAC Certified Forensic Examiner (GCFE)

Jonas is an experienced information security professional with a specialized focus on evaluating computers for evidence of criminal or malicious activity and recovering data. Which GIAC certification would be most appropriate for Jonas to demonstrate his abilities?

True

Juniper Networks offers vendor-specific certifications.

True

One requirement of the GIAC Security Expert (GSE) credential is that candidates must hold three GIAC credentials, with two of the credentials being Gold.

True

RSA is a global provider of security, risk, and compliance solutions for enterprise environments.

Cisco Certified Internetwork Expert (CCIE) Security

Which of the following Cisco certifications demonstrates the most advanced level of security knowledge?

Certified Information Security Manager (CISM)

Which of the following certifications cannot be used to satisfy the security credential requirements for the advanced Certified Internet Webmaster (CIW) certifications?

Certified Information Systems Security Professional (CISSP)

Which of the following certifications is considered the flagship Information Systems Security Certification Consortium, Inc. (ISC)2 certification and the gold standard for information security professionals?

Systems Security Certified Practitioner (SSCP)

Ben is working toward a position as a senior security administrator and would like to earn his first International Information Systems Security Certification Consortium, Inc. (ISC)2 certification. Which certification is most appropriate for his needs?

False

Cisco offers certifications only at the Associate, Professional, and Expert levels.

True

Defense Information Systems Agency (DISA) is the agency arm of the U.S. Department of Defense that provides information technology and communications support to the White House, Secretary of Defense, and all military sectors that contribute to the defense of the United States of America.

Security+

Helen has no experience in security. She would like to earn a certification that demonstrates that she has the basic knowledge necessary to work in the information security field. What certification would be an appropriate first step for her?

Master's degree

Helen is an experienced information security professional who earned a four-year degree while a full-time student. She would like to continue her studies on a part-time basis. What is the next logical degree for Helen to earn?

Certified Information Security Manager (CISM)

Richard would like to earn a certification that demonstrates his ability to manage the information security function. What certification would be most appropriate for Richard?

CISSP-ISSAP

Rod has been a Certified Information Systems Security Professional (CISSP) for 10 years. He would like to earn an advanced certification that demonstrates his ability in information security architecture. Which of the following CISSP concentrations would meet Rod's needs?

True

The Certified Cloud Security Professional (CCSP) certification was created by both (ISC)2 and the Cloud Security Alliance (CSA).


Conjuntos de estudio relacionados

Chemistry- Chapter 6- Ionic Compounds and Metals

View Set

Financial Accounting Chapter 12 Review

View Set

MKT 574: Chapter 7: Segmentation, Target marketing, and positioning

View Set

AP Euro Multiple Choice Study Guide

View Set

Chapter 12 - Experimental Research

View Set

Chapter 8: Axial and Appendicular Skeleton

View Set