Exam 11: Security and Personnel

Many who enter the field of information security are technical professionals such as __________ who find themselves working on information security applications and processes more often than traditional IT assignments.

Free

(Multiple Choice)

4.7/5

(31)

Question 1

Correct Answer:

Verified

The process of ensuring that no unnecessary access to data exists and that employees are able to perform only the minimum operations necessary on a set of data is referred to as the principle of ____________________.

Free

(Short Answer)

4.9/5

(26)

Question 2

Correct Answer:

Verified

least privilege

The __________ is typically considered the top information security officer in the organization.

Free

(Multiple Choice)

4.9/5

(42)

Question 3

Correct Answer:

Verified

Job ____________________ can greatly increase the chance that an employee's misuse of the system or abuse of information will be detected by another employee.

(Short Answer)

4.7/5

(33)

Question 4

A mandatory furlough provides the organization with the ability to audit the work of an individual. _________________________

(True/False)

4.8/5

(29)

Question 5

The position of security technician can be offered as an entry-level position.

(True/False)

4.9/5

(43)

Question 6

Security ____________________ are accountable for the day-to-day operation of the information security program.

(Short Answer)

4.8/5

(40)

Question 7

The International Society of Forensic Computer Examiners (ISFCE) offers which certifications

(Multiple Choice)

4.9/5

(40)

Question 8

The process of integrating information security perspectives into the hiring process begins with reviewing and updating all job descriptions.

(True/False)

4.9/5

(41)

Question 9

A(n) ____________________ agency provides specifically qualified individuals at the paid request of another company.

(Short Answer)

4.9/5

(34)

Question 10

The CISA credential is touted by ISACA as the certification that is appropriate for all but which type of professionals

(Multiple Choice)

4.8/5

(37)

Question 11

CompTIA offers a vendor-specific certification program called the Security+ certification.

(True/False)

4.9/5

(32)

Question 12

Friendly departures include termination for cause, permanent downsizing, temporary lay-off, or some instances of quitting. _________________________

(True/False)

4.8/5

(41)

Question 13

The __________ certification program has added a number of concentrations that can demonstrate advanced knowledge beyond the basic certification's CBK.

(Multiple Choice)

4.8/5

(45)

Question 14

A background check must always be conducted to determine the level of trust the business can place in a candidate for an information security position.

(True/False)

4.8/5

(38)

Question 15

Like the CISSP, the SSCP certification is more applicable to the security than to the security .

(Multiple Choice)

4.8/5

(33)

Question 16

The SSCP examination is much more rigorous than the CISSP examination.

(True/False)

4.9/5

(41)

Question 17

Security managers accomplish objectives identified by the CISO and resolve issues identified by technicians. _________________________

(True/False)

4.8/5

(38)

Question 18

Though CISOs are business managers first and technologists second, they must be conversant in all areas of information security, including the technical, planning, and ____________________ areas.

(Short Answer)

4.7/5

(36)

Question 19

In many organizations, information security teams lack established roles and responsibilities.

(True/False)

4.8/5

(41)

Question 20

Showing 1 - 20 of 77

Many who enter the field of information security are technical professionals such as __________ who find themselves working on information security applications and processes more often than traditional IT assignments.

The process of ensuring that no unnecessary access to data exists and that employees are able to perform only the minimum operations necessary on a set of data is referred to as the principle of ____________________.

The __________ is typically considered the top information security officer in the organization.

Job ____________________ can greatly increase the chance that an employee's misuse of the system or abuse of information will be detected by another employee.

A mandatory furlough provides the organization with the ability to audit the work of an individual. _________________________

The position of security technician can be offered as an entry-level position.

Security ____________________ are accountable for the day-to-day operation of the information security program.

The International Society of Forensic Computer Examiners (ISFCE) offers which certifications

The process of integrating information security perspectives into the hiring process begins with reviewing and updating all job descriptions.

A(n) ____________________ agency provides specifically qualified individuals at the paid request of another company.

The CISA credential is touted by ISACA as the certification that is appropriate for all but which type of professionals

CompTIA offers a vendor-specific certification program called the Security+ certification.

Friendly departures include termination for cause, permanent downsizing, temporary lay-off, or some instances of quitting. _________________________

The __________ certification program has added a number of concentrations that can demonstrate advanced knowledge beyond the basic certification's CBK.

A background check must always be conducted to determine the level of trust the business can place in a candidate for an information security position.

Like the CISSP, the SSCP certification is more applicable to the security than to the security .

The SSCP examination is much more rigorous than the CISSP examination.

Security managers accomplish objectives identified by the CISO and resolve issues identified by technicians. _________________________

Though CISOs are business managers first and technologists second, they must be conversant in all areas of information security, including the technical, planning, and ____________________ areas.

In many organizations, information security teams lack established roles and responsibilities.

Introduction to Information Security

The Need for Security

Legal, Ethical, and Professional Issues in Information Security

Planning for Security

Risk Management

Security Technology: Access Controls, Firewalls, and VPNS

Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools

Cryptography

Physical Security

Implementing Information Security

Information Security Maintenance

Filters

Exam 11: Security and Personnel

Many who enter the field of information security are technical professionals such as __________ who find themselves working on information security applications and processes more often than traditional IT assignments.

The process of ensuring that no unnecessary access to data exists and that employees are able to perform only the minimum operations necessary on a set of data is referred to as the principle of ____________________.

The __________ is typically considered the top information security officer in the organization.

Job ____________________ can greatly increase the chance that an employee's misuse of the system or abuse of information will be detected by another employee.

A mandatory furlough provides the organization with the ability to audit the work of an individual. _________________________

The position of security technician can be offered as an entry-level position.

Security ____________________ are accountable for the day-to-day operation of the information security program.

The International Society of Forensic Computer Examiners (ISFCE) offers which certifications

The process of integrating information security perspectives into the hiring process begins with reviewing and updating all job descriptions.

A(n) ____________________ agency provides specifically qualified individuals at the paid request of another company.

The CISA credential is touted by ISACA as the certification that is appropriate for all but which type of professionals

CompTIA offers a vendor-specific certification program called the Security+ certification.

Friendly departures include termination for cause, permanent downsizing, temporary lay-off, or some instances of quitting. _________________________

The __________ certification program has added a number of concentrations that can demonstrate advanced knowledge beyond the basic certification's CBK.

A background check must always be conducted to determine the level of trust the business can place in a candidate for an information security position.

Like the CISSP, the SSCP certification is more applicable to the security__________ than to the security __________.

The SSCP examination is much more rigorous than the CISSP examination.

Security managers accomplish objectives identified by the CISO and resolve issues identified by technicians. _________________________

Though CISOs are business managers first and technologists second, they must be conversant in all areas of information security, including the technical, planning, and ____________________ areas.

In many organizations, information security teams lack established roles and responsibilities.

Introduction to Information Security

The Need for Security

Legal, Ethical, and Professional Issues in Information Security

Planning for Security

Risk Management

Security Technology: Access Controls, Firewalls, and VPNS

Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools

Cryptography

Physical Security

Implementing Information Security

Information Security Maintenance

Filters

Like the CISSP, the SSCP certification is more applicable to the security than to the security .