module 11

If the task is to write firewall specifications for the preparation of a(n) _____, the planner would note that the deliverable is a specification document suitable for distribution to vendors.

REP

A type of SDLC in which each phase has results that flow into the next phase is called the _____ model.

Waterfall model

A(n) _____ is a simple project management planning tool used to break the project plan into smaller and smaller steps.

Work Breakdown Structure (WBS)

The _____ design phase of an SDLC methodology is implementation independent, meaning that it contains no reference to specific technologies, vendors, or products.

logical

In a _____ implementation, the entire security system is put in place in a single office, department, or division before expanding to the rest of the organization.

pilot

Project managers can reduce resistance to change by involving employees in the project plan. In the systems development parts of a project, this is referred to as _____.

JAD

The _____ methodology has been used by many organizations and requires that issues be addressed from the general to the specific, and that the focus be on systematic solutions instead of individual problems.

bull-eye

Effective planning for information security involves:

All of the above

An emerging methodology to integrate the effort of the development team and the operations team to improve the functionality and security of applications is known as _____.

DevOps

A _____ is usually the best approach to security project implementation.

Phased Implementation

By managing the _____, the organization can reduce unintended consequences by having a process to resolve the potential conflict and disruption that uncoordinated change can introduce.

Process of change

A methodology and formal development strategy for the design and implementation of an information system is referred to as a _____.

Security' Development Life Cycle (SDLC)

The date for sending the final RFP to vendors is considered a milestone because it signals that __________.

all RFP preparation work is complete.

Some cases of _____ are simple, such as requiring employees to begin using a new password on an announced date.

direct changeover

Technology _____ guides how frequently technical systems are updated, and how technical updates are approved and funded, and also facilitates communication about technical advances and issues across the organization..

governance

The _____ level of the bull's-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate; it enables all other information security components to function correctly.

policies

Tasks or action steps that come after the task at hand are called _____.

successors.

The _____ layer of the bull's-eye model includes computers used as servers, desktop computers, and systems used for process control and manufacturing.

system

The Lewin change model includes _____.

unfreezing, changing and refreezing