SECNet - Ch 10 quiz

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

The need for qualified, trained, and available personnel constrains the project plan

T

The primary drawback to the direct changover approach is that if the new system fails or needs modification, users may be without services while the sytem's bugs are worked out.

T

The project plan as a whole must describe how to acquire and implement the needed security controls and create a setting in which those controls achieve the desired outcomes.

T

The size of the organization and the normal conduct of business may preclude a single large training program on new security procedures or technologies.

T

When an estimate is flawed, as when the number of effort-hours required is underestimated, the plan should be corrected and downstream tasks updated to reflect the change

T

systems

The __________ layer of the bull's-eye model includes computers used as severs, desktop computers, and systems used for process control and manufacturing.

policies

The __________ level of the bull's-eye model establishes the ground rules for the use of all system and describes what is appropriate and what is inappropriate; it enables all other information security components to function correctly.

bull's eye

The __________ methodology has been used by many organizations and requires that issues be addressed from the general to the specific, and that the focus be on systematic solutions instead of individual problems.

wrap-up

The goal of the __________ is to resolve any pending project-related issues, critique the overall effort of the project, and draw conclusions about how to improve the project management process for the future.

WBS

_____ is a simple project management planning tool.

All of the Above (Collecting Information about an organization's objective, information security environment, and technical architecture)

Effective planning for information security involves: __________.

The first step in the work breakdown structure (WBS) approach encompasses activities, but not deliverables.

F

The networks layer of the bull's-eye is the outermost ring of the bull's eye.

F

RFP

If the task is to write firewall specifications for the preparation of a(n) __________, the planner would note that the deliverable is a specification document suitable for distribution to vendors.

pilot

In a __________ implementation, the entire security system is put in a single office, department , or division before expanding to the rest of the organization.

negative feedback loop

In the __________ process, measured results are compared against expected results.

direct changeover

Some cases of __________ are simple, such as requiring employees to begin using a new password on an announced date.

Planning for the implementation phase of a security project requires the creation of a detailed project plan.

T

The budgets of public organizations are usually the product of legislation or public meetings.

T

The effective use of a DMZ is one of the primary methods of securing an organization's networks.

T


Ensembles d'études connexes

Day 1 - Introduction to OSHA for Freshman

View Set

unit 8 vocab completing the sentence

View Set

ch. 12: the skeletal system (smartbook notes)

View Set

Unit 6 - Renal - Unit 19 - Kidney Clinical Assessment and Diagnostic Procedures

View Set

RNSG 2201 Care of Children and Family Evolve Ch 26

View Set

Research - How to tell if a website is credible

View Set