CSC 116 Actual test 5
List and briefly described the five domains of the maintenance model.
The five domains are: 1. Internal, 2. External, 3. Planning, 4. Vulnerability, and 5. Readiness
List and describe the credentials of the various information security certifications listed in this chapter.
1. CISSP: Requires a 4 year degree, a minimum of 5 years of experience in IT security. 2. SSCP: requires at least one year of IT security work experience. 3. GIAC Professional Security cert: No work experience is required but self study, and educational training is recommended. 3. CISA: Work experience required can range from 1 to 5 years in IT security. Depending on the candidates educational level.
What is a resource? What are the two types?
A resource can be defined as something of value or having value. 1. Humans (Employees, workers, employers, etc) and 2. Capital
What is a project plan? List what a project plan can accomplish?
Detailed step by step program to get a job/project done. This is documented instructions for participants and stakeholders of a project. Providing details on goals, objectives, tasks, scheduling, and resource management.
What is a deliverable? Name two uses for deliverables
It is an assignable item, or list of assignable items. This can be any product, service, or result that must be completed to finish a project. 1. Planning Deliverables: Management plans, scheduling, and budgeting, project artifacts, etc. 2. Activity Deliverables: Status reports, meetings, reviews, etc.
For each of the major types of information security job titles covered in the chapter list and describe the criteria used for the selection.
Major positions in IT security can be grouped in the following: 1. CISSO/ CIO Executive: Must have, Phd or MBA degree, has many years of job experience. 2. IT Security Manager: Must have, MSCS, Masters in Information Technology/ Information Systems or MBA degree, has many years of job experience. 3. IT Security professional: Must have a Bachelor's degree, usually 0 to 2 years of job experience. 4. IT security Technician: Academic level: Associates required, but Bachelor's degrees are preferred. Usually has minimal to no experience.
List and define the factors that are likely to shift in a firm's information security environment.
New assets acquire vulnerabilities, thus business priorities shift. 1. Rules and regulations change to meet current standards. 2. New employees get hired as old ones leave/ retire. 3. Experience employees help train new workers. 4. Credentials and jobs roles shift from ex-employees to experience workers.
What are some of the factors that influence the organization's information security hiring decisions?
Organizations look for certain traits in hiring IT security professionals. Looking at potential candidates: 1. academic credentials, 2. job/ career experience, 3. checking if a person has good moral character, and etc.
What is the value of a statement of vision and objectives? Why is it needed needed before a project plan is developed?
The assignment statement is the goal of a company. Without having a statement for the objective there is no goal. Without having a goal, they don't know what to accomplish.
List and describe the three major steps in executing the project plan.
They are the following: 1. Create and make the plan, 2. Documentation; document what you need for the plan, and 3. Implementation; executing the plan.