Question 1

A ____ is a collection of suggestions that should be implemented.

Accepted Answer

A)  code of ethics 
B)  guideline 
C)  standard 
D)  policy 
A)  code of ethics 
B)  guideline 
C)  standard 
D)  policy

Question 2

What are the characteristics of a policy?

Accepted Answer

Although there are a variety of types of

Question 3

A(n) ____________________ is a document or series of documents that clearly defines the defense mechanisms an organization will employ to keep information secure.

Accepted Answer

The answer of A(n) ____________________ is a document or series...

Question 4

Identifying assets is a fairly simple and quick process.

Accepted Answer

A) True 
 B)False

Question 5

A(n) ____ is defined as any item that has a positive economic value.

Accepted Answer

A)  risk 
B)  asset 
C)  threat 
D)  vulnerability 
A)  risk 
B)  asset 
C)  threat 
D)  vulnerability

Question 6

What are some of the factors to consider when determining the relative value of an asset?

Accepted Answer

Factors that should be
considered in det

Question 7

A(n) ____ provides a visual image of the attacks that may occur against an asset.

Accepted Answer

A)  asset tree 
B)  attack tree 
C)  asset modeling 
D)  asset identification 
A)  asset tree 
B)  attack tree 
C)  asset modeling 
D)  asset identification

Question 8

____ seeks to determine the risks that an organization faces against its information assets.

Accepted Answer

A)  Risk identification 
B)  Security policy design 
C)  Security policy evaluation 
D)  Compliance monitoring and evaluation 
A)  Risk identification 
B)  Security policy design 
C)  Security policy evaluation 
D)  Compliance monitoring and evaluation

Question 9

A(n) ____ outlines the actions to be performed when a security breach occurs.

Accepted Answer

A)  risk identification 
B)  threat modeling 
C)  risk management 
D)  incident response 
A)  risk identification 
B)  threat modeling 
C)  risk management 
D)  incident response

Question 10

The ____ is the expected monetary loss that can be expected for an asset because of a risk over a one-year period.

Accepted Answer

A)  Exposure Factor (EF) 
B)  Annualized Rate of Occurrence (ARO) 
C)  Annualized Loss Expectancy (AL
E)  
D)  Single Loss Expectancy (SL
E)  
A)  Exposure Factor (EF) 
B)  Annualized Rate of Occurrence (ARO) 
C)  Annualized Loss Expectancy (AL
E)  
D)  Single Loss Expectancy (SL
E)

Question 11

Managing the process of implementing changes is known as ____.

Accepted Answer

A)  risk assessment 
B)  change management 
C)  change identification 
D)  change modeling 
A)  risk assessment 
B)  change management 
C)  change identification 
D)  change modeling

Question 12

Only that employee whose job function depends on knowing the information is provided access. This is called ____.

Accepted Answer

A)  Due care 
B)  Separation of duties 
C)  Risk assessment 
D)  Need to know 
A)  Due care 
B)  Separation of duties 
C)  Risk assessment 
D)  Need to know

Question 13

____________________ means that one person's work serves as a complementary check on another person's actions.

Accepted Answer

Separation

Question 14

Briefly explain how to perform a risk assessment.

Accepted Answer

Determining the damage from an attack fi

Question 15

____ takes a current snapshot of the security of the organization as it now stands.

Accepted Answer

A)  Asset modeling 
B)  Asset tree 
C)  Threat modeling 
D)  Vulnerability appraisal 
A)  Asset modeling 
B)  Asset tree 
C)  Threat modeling 
D)  Vulnerability appraisal

Question 16

____ constructs scenarios of the types of threats that assets can face.

Accepted Answer

A)  Asset management 
B)  Vulnerability identification 
C)  Threat modeling 
D)  Asset identification 
A)  Asset management 
B)  Vulnerability identification 
C)  Threat modeling 
D)  Asset identification

Question 17

A ____ is a collection of requirements specific to the system or procedure that must be met by everyone.

Accepted Answer

A)  code of ethics 
B)  guideline 
C)  standard 
D)  policy 
A)  code of ethics 
B)  guideline 
C)  standard 
D)  policy

Question 18

A(n) ____ policy should clearly address how passwords are managed.

Accepted Answer

A)  password management 
B)  VPN 
C)  acceptable use 
D)  WLAN use 
A)  password management 
B)  VPN 
C)  acceptable use 
D)  WLAN use

Question 19

The goal of information security is to protect the integrity, ____, and availability of data on the devices that store, manipulate, and transmit the information.

Accepted Answer

A)  authorization 
B)  authentication 
C)  confidentiality 
D)  accounting 
A)  authorization 
B)  authentication 
C)  confidentiality 
D)  accounting

Question 20

What are the types of assets available at any organization?

Accepted Answer

An organization has many types of assets

A ____ is a collection of suggestions that should be implemented.

What are the characteristics of a policy?

A(n) ____________________ is a document or series of documents that clearly defines the defense mechanisms an organization will employ to keep information secure.

Identifying assets is a fairly simple and quick process.

A(n) ____ is defined as any item that has a positive economic value.

What are some of the factors to consider when determining the relative value of an asset?

A(n) ____ provides a visual image of the attacks that may occur against an asset.

____ seeks to determine the risks that an organization faces against its information assets.

A(n) ____ outlines the actions to be performed when a security breach occurs.

The ____ is the expected monetary loss that can be expected for an asset because of a risk over a one-year period.

Managing the process of implementing changes is known as ____.

Only that employee whose job function depends on knowing the information is provided access. This is called ____.

____________________ means that one person's work serves as a complementary check on another person's actions.

Briefly explain how to perform a risk assessment.

____ takes a current snapshot of the security of the organization as it now stands.

____ constructs scenarios of the types of threats that assets can face.

A ____ is a collection of requirements specific to the system or procedure that must be met by everyone.

A(n) ____ policy should clearly address how passwords are managed.

The goal of information security is to protect the integrity, ____, and availability of data on the devices that store, manipulate, and transmit the information.

What are the types of assets available at any organization?

Foundations of Wireless Security

Wireless LAN Vulnerabilities

Passive Wireless Discovery

Active Wireless Attacks

Wireless Security Models

Enterprise Wireless Hardware Security

Designing a Secure Wireless Network

Secure Wireless Authentication

Secure Wireless Transmissions

Managing the Wireless Network

Operational Support and Wireless Convergence

Filters

Exam 11: Wireless Security Policy

A ____ is a collection of suggestions that should be implemented.

What are the characteristics of a policy?

A(n) ____________________ is a document or series of documents that clearly defines the defense mechanisms an organization will employ to keep information secure.

Identifying assets is a fairly simple and quick process.

A(n) ____ is defined as any item that has a positive economic value.

What are some of the factors to consider when determining the relative value of an asset?

A(n) ____ provides a visual image of the attacks that may occur against an asset.

____ seeks to determine the risks that an organization faces against its information assets.

A(n) ____ outlines the actions to be performed when a security breach occurs.

The ____ is the expected monetary loss that can be expected for an asset because of a risk over a one-year period.

Managing the process of implementing changes is known as ____.

Only that employee whose job function depends on knowing the information is provided access. This is called ____.

____________________ means that one person's work serves as a complementary check on another person's actions.

Briefly explain how to perform a risk assessment.

____ takes a current snapshot of the security of the organization as it now stands.

____ constructs scenarios of the types of threats that assets can face.

A ____ is a collection of requirements specific to the system or procedure that must be met by everyone.

A(n) ____ policy should clearly address how passwords are managed.

The goal of information security is to protect the integrity, ____, and availability of data on the devices that store, manipulate, and transmit the information.

What are the types of assets available at any organization?

Foundations of Wireless Security

Wireless LAN Vulnerabilities

Passive Wireless Discovery

Active Wireless Attacks

Wireless Security Models

Enterprise Wireless Hardware Security

Designing a Secure Wireless Network

Secure Wireless Authentication

Secure Wireless Transmissions

Managing the Wireless Network

Operational Support and Wireless Convergence

Filters