Info Sec Test 10

Ace your homework & exams now with Quizwiz!

If the task is to write firewall specifications for the preparation of a(n) ____, the planner would note that the deliverable is a specification document suitable for distribution to vendors.

RFP

____ is a simple planning tool.

WBS

The date for sending the final RFP to vendors is considered a(n) ____, because it signals that all RFP preparation work is complete.

milestone

In the ____ process, measured results are compared to expected results.

negative feedback loop

A ____ is usually the best approach to security project implementation.

phased implementation

In a ____ implementation, the entire security system is put in place in a single office, department, or division, and issues that arise are dealt with before expanding to the rest of the organization.

pilot

A(n) ____, typically prepared in the analysis phase of the SecSDLC, must be reviewed and verified prior to the development of the project plan.

CBA

Project managers can reduce resistance to change by involving employees in the project plan. In systems development, this is referred to as ____.

JAD

The ____ layer of the bull's-eye model includes computers used as servers, desktop computers, and systems used for process control and manufacturing systems.

Systems

The ____ methodology has been used by many organizations, requires that issues be addressed from the general to the specific, and that the focus be on systematic solutions instead of individual problems.

bull's-eye

The Lewin change model consists of ____.

All of the above

The ____ layer of the bull's-eye model receives attention last.

Applications

The ____ level of the bull's-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate, it enables all other information security components to function correctly.

Policies

The ____ involves collecting information about an organization's objectives, its technical architecture, and its information security environment.

SecSDLC

Some cases of ____ are simple, such as requiring employees to use a new password beginning on an announced date.

direct changeover

Public organizations often have "____" to spend all their remaining funds before the end of the fiscal year.

end-of-fiscal-year spend-a-thons

Technology ____ guides how frequently technical systems are updated, and how technical updates are approved and funded.

governance

By managing the ____, the organization can reduce unintended consequences by having a process to resolve potential conflict and disruption that uncoordinated change can introduce.

process of change

Tasks or action steps that come after the task at hand are called ____.

successors

The goal of the ____ is to resolve any pending issues, critique the overall effort of the project, and draw conclusions about how to improve the process for the future.

wrap-up


Related study sets

Chapter 4: The International Flow of Funds and Exchange Rates

View Set

Standard VII—Responsibilities as a CFA Institute Member or CFA Candidate (Ethics and Standards of Practice Module 7)

View Set

Yo, Tú, Él, Ella, Usted, Nosotros, Vosotros, Ellos, Ellas, Ustedes - Spanish Personal Pronouns

View Set

Chapter 36 Abdominal and Genitourinary Trauma

View Set

The Skilled Helper (11th edition) Chapter 3

View Set

SB CH. 9 - Sales Order Processing

View Set

Integumentary Disorders Practice Questions

View Set