Management of Information Security Chapter 1


True

1) Policy, 2) awareness, training and education, and 3) technology are concepts vital for the protection of information.

decisional

A manager has informational, interpersonal, and ____ roles within the organization.

True

A project can have more than one critical path.

availability

According to the C.I.A. triangle, the three desirable characteristics of information are confidentiality, integrity, and ____.

authentication

An information system possesses the characteristic of ____ when it is able to recognize individual users.

False

An information system that is able to recognize the identity of individual users is said to provide authentication.

False

Another popular project management tool is the bar or McCumber chart, named for its developer, who created this method in the early 1900s.

accountability

Audit logs that track user activity on an information system provide ____

data network devices

Communications security involves the protection of an organization's ____.

Quality

If the project deliverables meet the requirements specified in the project plan, the project has met its ____________________ objective.

False

Information security can be both a process and a project because it is in fact a continuous series of projects.

True

Leadership generally addresses the direction and motivation of the human resource.

False

Only a deliberate attack, such as a virus, can result in the corruption of a file.

False

Operations are discrete sequences of activities with starting points and defined completion points.

False

Policies are InfoSec operations that are specifically managed as separate entities.

True

Popular management theory categorizes the principles of management into planning, organizing, leading, and controlling.

True

The C.I.A. triangle is an important element of the CNSS model of information security.

Availability

The CNSS Security model known as the McCumber cube examines the confidentiality, integrity and ____________________ of information whether in storage, processing or transmission.

False

The CNSS security model includes detailed guidelines and policies that direct the implementation of controls.

activities

The Gantt chart lists ____ on its vertical axis and provides a simple time line on the horizontal axis.

availability

The ____ of information refers to the ability to access information without interference or obstruction and in a useable format.

Information Technology

The ____________________ community supports the business objectives of an organization by supplying and supporting information technology appropriate to the business's needs.

authorization

The activation and use of access control lists is an example of the ____ process.

False

The authorization process takes place before the authentication process.

accountability

The characteristic of ____ exists when a control provides assurance that every activity undertaken can be attributed to a named person or automated process.

False

The characteristic of information that enables a user to access it without interference or obstruction and in a useable format is confidentiality.

True

The integrity of information is threatened when it is exposed to corruption, damage, or destruction.

All workers operate at approximately the same level of efficiency

The management of human resources must address many complicating factors; which of the following is NOT among them?

information security

The protection of information and the systems and hardware that use, store, and transmit that information is known as ____.

goal

The term ____________________ refers to the end result of a planning process.

democratic

The three behavioral types of leaders are autocratic, laissez-faire, and ____________________.

False

The three desirable characteristics of information on which the C.I.A. triangle is founded are confidentiality, integrity, and authorization.

Operational

The three levels of planning are strategic planning, tactical planning, and ____________________ planning.

True

The two network scheduling techniques, the Critical Path Method and PERT, are similar in design.

False

When you review technological feasibility, you address the organization's financial ability to purchase the technology needed to implement a candidate solution.

policy

Which of the following Principles of Information Security Management seeks to dictate certain behavior within the organization through a set of organizational guidance?

principles

Which of the following is NOT a Principle of Information Security Management?

Build support among management for the candidate solution

Which of the following is NOT a step in the problem-solving process?

Employees benefit from the formal training required for the method

Which of the following is NOT an advantage of the PERT method?

installation of a new firewall system

Which of the following is a project, not a managed process?

Recognize and define the problem

Which of the following is the first step in the problem-solving process?

Failure to meet project deadlines

____ is one of the most frequently cited failures in project management.

Integrity

____ is the quality or state of being whole, complete, and uncorrupted.

Scope creep

____ occurs when the quantity or quality of project deliverables is expanded from the original project plan.

Confidentiality

____ of information ensures that only those with sufficient privileges and a demonstrated need may access certain information.

Network

____ security addresses the ability to use the network to accomplish the organization's data communication functions.

Communications

___________________ security encompasses the protection of an organization's communications media, technology, and content.

Programs

____________________ are the operations conducted within InfoSec, which are specifically managed as separate entities.

Management

____________________ is the process of achieving objectives using a given set of resources.

Information Security

____________________ is the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information.

