ICTN4040 chapter 4

Ace your homework & exams now with Quizwiz!

A policy should state that if employees violate a company policy or any law using company technologies, the company will protect them, and the company is liable for the employee's actions.

False

A standard is a written-instruction provided by management that informs employees and others in the workplace about proper behavior.

False

Each policy should contain procedures and a timetable for periodic review.

True

Managerial control set the direction and scope of the security process and provide detailed instructions for its conduct

True

Technical controls are the tactical and technical implementations of security in the organization _____________________.

True

According to NIST SP 800-14's security principles, security should ________.

"support the mission of the organization, require a comprehensive and integrated approach, be cost effective" All of the above.

A cold site provides many of the same services and options of a hot site, but at a lower cost.

False

A managerial guidance SYSSP document is created by the IT experts in a company to God management in the implementation and configuration of technology.

False

Systems - specific security policies are organizational policies that provide detailed, targeted guidance to instruct all members of the organization in the use of a resource, such as one of its processes or technologies.

False

The I SSP is a plan which sets out the requirements that must be met by the information security blueprint or framework.

False

The global information security community has universally agreed with the justification for the code of or practices as identified in the iso/iec 17799

False

The operational plan documents the organizations intended long-term direction and efforts for the next several years.

False

In early 2014, in response to executive order 13636, and NIST published the cyber security framework, which intends to allow organizations to ______________.

Identify and Prioritize opportunities for improvement within the context of a continuous and reputable process

A service bureau is an agency that provides a service for a fee.

True

_____________ Controls address personnel security, physical security, and the protection of production inputs and outputs.

operational


Related study sets

Chapter 3 Charismatic and Transformational Leadership

View Set

Exam 4 (Chapter 48) MGMT of Pt's w/Intestinal and Rectal Disorders

View Set

International Business-Chapter 5-Political Forces That Affect Global Trade

View Set

Prep U Chapter 34: Assessment and Management of Patients with Inflammatory Rheumatic Disorders

View Set

Linux Installation and Usage (review questions) - [LINUX System Administration]

View Set

BUAD 306 Chapter 8: Stock Valuation

View Set

Why do some brains enjoy fear?, Why do some brains enjoy fear?

View Set