|
Which of the following is NOT a unique function of Information Security Management? |
principles |
|
The use of cryptographic certificates to establish Secure Sockets Layer (SSL) connections is an example of which process? |
authentication |
|
It is possible to take a very complex operation and diagram it in PERT if you can answer three key questions about each activity. Which of the following is NOT one of them? |
What other activities require the same resources as this activity? |
|
The first step in solving problems is to gather facts and make assumptions. |
F |
|
Which function of InfoSec Management encompasses security personnel as well as aspects of the SETA program? |
people |
|
Which of the following is a C.I.A. characteristic that ensures that only those with sufficient privileges and a demonstrated need may access certain information? |
Confidentiality |
|
Information security project managers often follow methodologies based on what methodology promoted by the Project Management Institute? |
Project Management Body of Knowledge (PMBoK) |
|
What do audit logs that track user activity on an information system provide? |
accountability |
|
Which of the following is the first step in the problem-solving process? |
Recognize and define the problem |
|
Corruption of information can occur only while information is being stored. |
False |
|
In the WBS approach, the project plan is first broken down into tasks placed on the WBS task list. The minimum attributes that should be identified for each task include all but which of the following? |
The number of people and other resources needed for each task |
|
Which of the following is the process that develops, creates, and implements strategies for the accomplishment of objectives? |
planning |
|
Which of the following is the principle of management dedicated to the structuring of resources to support the accomplishment of objectives? |
organization |
|
The authorization process takes place before the authentication process. |
F |
|
Which of the following was originally developed in the late 1950s to meet the need of the rapidly expanding engineering projects associated with government acquisitions such as weapons systems? |
PERT |
|
What is one of the most frequently cited failures in project management? |
Failure to meet project deadlines |
|
Communications security involves the protection of which of the following? |
media, technology, and content |
|
Which of the following is NOT a step in the problem-solving process? |
Build support among management for the candidate solution |
|
Which of the following is NOT a knowledge area in the Project Management knowledge body? |
Technology |
|
Using the Program Evaluation and Review Technique, which of the following identifies the sequence of events or activities that requires the longest duration to complete, and that therefore cannot be delayed without delaying the entire project? |
critical path |
|
the difference between the time needed to complete the critical path and the time needed to arrive at completion using any other path |
|
|
Which of the following functions of Information Security Management seeks to dictate certain behavior within the organization through a set of organizational guidelines? |
policy |
|
The management of human resources must address many complicating factors; which of the following is NOT among them? |
All workers operate at approximately the same level of efficiency |
|
A project can have more than one critical path. |
T |
|
Which type of planning is used to organize the ongoing, day-to-day performance of tasks? |
Operational |
|
The primary goal of external monitoring is to maintain an informed awareness of the state of all of the organization’s networks, information systems, and information security defenses |
F |
|
resources include people, hardware, and the supporting system elements and resources associated with the management of information in all its states |
Physical |
|
According to the Corporate Governance Task Force (CGTF), which phase in the IDEAL model and framework lays the groundwork for a successful improvement effort? |
Initiating |
|
The National Association of Corporate Directors (NACD) recommends four essential practices for boards of directors. Which of the following is NOT one of these recommended practices? |
Hold regular meetings with the CIO to discuss tactical InfoSect planning |
|
In which level of planning are budgeting, resource allocation, and manpower critical components? |
tactical |
|
Which of the following should be included in an InfoSec governance program? |
An InfoSec risk management methodology |
|
A top-down approach to information security usually begins with a systems administrator’s attempt to improve the security of their systems. |
F |
|
usually a documented way to circumvent controls or take advantage of weaknesses in control systems |
|
|
Which type of attack involves sending a large number of connection or information requests to a target? |
denial-of-service (DoS) |
|
Penetration testing is often conducted by contractors, who are commonly referred to as black-hats. |
F |
|
What is the first phase of the SecSDLC? |
investigation |
|
Because it sets out general business intentions, a mission statement does not need to be concise. |
F |
|
Which type of planning is the primary tool in determining the long-term direction taken by an organization? |
strategic |
|
overflow is an application error that occurs when the system can’t handle the amount of data that is sent. |
buffer |
|
Which of the following is a feature left behind by system designers or maintenance staff that allows quick access to a system at a later time by bypassing access controls? |
back door |
|
A top-down approach to information security usually begins with a systems administrator’s attempt to improve the security of their systems. |
F |
|
Which of the following set the direction and scope of the security process and provide detailed instruction for its conduct? |
managerial controls |
|
Which of the following is a key advantage of the bottom-up approach to security implementation? |
utilizes the technical expertise of the individual administrators |
|
Which of the following explicitly declares the business of the organization and its intended areas of operations? |
mission statement |
|
phase is the last phase of SecSDLC, but perhaps the most important. |
maintenance and change |
|
testing, security personnel simulate or perform specific and controlled attacks to compromise or disrupt their own systems by exploiting documented vulnerabilities. |
penetration testing |
|
In which model in the SecSDLC does the work products of each phase fall into the next phase to serve as its starting point? |
waterfall |
|
Which of the following is true about planning? |
Strategic plans are used to create tactical plans |
|
Which of the following has the main goal of restoring normal modes of operation with minimal cost and disruption to normal business activities after an event? |
contingency planning |
|
is a document containing contact information of the individuals to notify in the event of an actual incident. |
alert roster |
|
plan is a detailed set of processes and procedures that anticipate, detect, and mitigate the effects of an unexpected event that might compromise information resources and assets |
incident response |
|
When dealing with an incident, the incident response team must conduct a(n) ____________________, which entails a detailed examination of the events that occurred from first detection to final recovery. |
after action review |
|
When a disaster renders the current business location unusable, which plan is put into action? |
business continuity |
|
Which contingency plan strategy do individuals work on their own tasks and are responsible for identifying the faults in their own procedures? |
simulation |
|
The bulk batch-transfer of data to an off-site facility is known as |
electronic vaulting |
|
testing of contingency plans, the individuals follow each and every procedure, including the interruption of service, restoration of data from backups, and notification of appropriate individuals. |
full-interruption |
|
In which contingency plan strategy do individuals act as if an actual incident occurred, and begin performing their required tasks and executing the necessary procedures, without interfering with the normal operations of the business? |
parallel testing |
|
What is the last stage of the business impact analysis? |
prioritize resources associated with the business processes |
|
In which type of site are no computer hardware or peripherals provided? |
cold site |
|
In the event of an incident or disaster, which team sets up and starts off-site operations? |
business continuity |
|
In most organizations, the COO is responsible for creating the IR plan |
F |
|
Which of the following is a tool that can be useful in resolving the issue of what business function is the most critical? |
weighted analysis tool |
|
After an incident, but before returning to its normal duties, the CSIRT must do which of the following? |
conduct an after-action review |
|
Which of the following is a responsibility of the crisis management team? |
Activating the alert roster |
|
is an agency that provides, in the case of DR/BC planning, physical facilities for a fee. |
full-interruption |
|
If operations at the primary site cannot be quickly restored, the ____________________ occurs concurrently with the DR plan, enabling the business to continue at an alternate site. |
BCP BC plan business continuity plan |
|
Which of the following is true about a hot site? |
It duplicates computing resources, peripherals, phone systems, applications, and workstations. |
|
is an agency that provides, in the case of DR/BC planning, physical facilities for a fee. |
service bureau |
|
In a warm site, all services and communications links are fully configured and the site can be fully functional within minutes. |
F |
|
When an incident takes place, the disaster recovery (DR) plan is invoked before the incident response (IR) plan. |
F |
|
Which of the following is usually conducted via leased lines or secure Internet connections whereby the receiving server archives the data as it is received |
Electronic vaulting |
|
Which of the following is the process of examining a possible incident and determining whether it constitutes an actual incident |
Incident classification |
|
is a document containing contact information of the individuals to notify in the event of an actual incident. |
alert roster |
|
Training should be as specialized as possible; personnel who are responsible for one duty should not be trained on other duties to avoid confusion during a disaster |
F |
Share This
Flashcard
