Question 1

Describe the benefits of a security newsletter.

Accepted Answer

The security newsletter is the most cost

Question 2

What topics might an ISSP cover?

Accepted Answer

Use of company-owned networks and the In

Question 3

A security ____ is an outline of the overall information security strategy and a roadmap for planned changes to the organization's information security environment.

Accepted Answer

A)  policy 
B)  blueprint 
C)  standard 
D)  framework 
A)  policy 
B)  blueprint 
C)  standard 
D)  framework

Question 4

The ____ illustrates the ways in which people access information.

Accepted Answer

A)  sphere of use 
B)  sphere of protection 
C)  working control 
D)  benchmark 
A)  sphere of use 
B)  sphere of protection 
C)  working control 
D)  benchmark

Question 5

What criteria must a policy meet to be considered effective and legally enforceable?

Accepted Answer

Dissemination (distribution)
R

Question 6

Match each item with a statement below.
-Investigation and assessment of the impact that various attacks can have on the organization.

Accepted Answer

A) managerial guidance SysSP document 
B) security training 
C) incident response 
D) business continuity plan 
E) information security policy
F)de jure
G)de facto
H)security blueprint
I)business impact analysis 
A) managerial guidance SysSP document 
B) security training 
C) incident response 
D) business continuity plan 
E) information security policy
F)de jure
G)de facto
H)security blueprint
I)business impact analysis

Question 7

The identification of critical business functions and the resources needed to support them is the cornerstone of the ____________________ plan.

Accepted Answer

business c

Question 8

Match each item with a statement below.
-Created by management to guide the implementation and configuration of a specific technology so as to direct the way a technology is to be used to control the behavior of people in the organization.

Accepted Answer

A) managerial guidance SysSP document 
B) security training 
C) incident response 
D) business continuity plan 
E) information security policy
F)de jure
G)de facto
H)security blueprint
I)business impact analysis 
A) managerial guidance SysSP document 
B) security training 
C) incident response 
D) business continuity plan 
E) information security policy
F)de jure
G)de facto
H)security blueprint
I)business impact analysis

Question 9

____ planning prepares an organization to reestablish critical business operations during a disaster that affects operations at the primary site.

Accepted Answer

A)  Business continuity 
B)  Incident response 
C)  Attack 
D)  Crisis management 
A)  Business continuity 
B)  Incident response 
C)  Attack 
D)  Crisis management

Question 10

A(n) ____________________ is a set of specifications that identifies a piece of technology's authorized users and includes details on the rights and privileges those users have on that technology.

Accepted Answer

access con

Question 11

How does an EISP address an organization's need to comply with laws and regulations?

Accepted Answer

1.General compliance by ensuring the org

Question 12

Match each item with a statement below.
-Provides detailed information and hands-on instruction to employees to prepare them to perform their duties securely.

Accepted Answer

A) managerial guidance SysSP document 
B) security training 
C) incident response 
D) business continuity plan 
E) information security policy
F)de jure
G)de facto
H)security blueprint
I)business impact analysis 
A) managerial guidance SysSP document 
B) security training 
C) incident response 
D) business continuity plan 
E) information security policy
F)de jure
G)de facto
H)security blueprint
I)business impact analysis

Question 13

Practices, procedures, and guidelines effectively explain how to comply with ____.

Accepted Answer

A)  standards 
B)  policies 
C)  vision 
D)  security blueprints 
A)  standards 
B)  policies 
C)  vision 
D)  security blueprints

Question 14

A(n) ____ is detailed description of the activities that occur during an attack.

Accepted Answer

A)  sphere of security 
B)  contingency plan 
C)  attack profile 
D)  business impact analysis 
A)  sphere of security 
B)  contingency plan 
C)  attack profile 
D)  business impact analysis

Question 15

The analysis and prioritization of the business functions within the organization's departments, sections, divisions, groups, or other units to determine which are most vital to continued operations is called ____.

Accepted Answer

A)  an attack profile 
B)  business unit analysis 
C)  assessment of potential damage 
D)  business impact analysis 
A)  an attack profile 
B)  business unit analysis 
C)  assessment of potential damage 
D)  business impact analysis

Question 16

The ____ of an organization is a written statement of its purpose.

Accepted Answer

A)  mission 
B)  vision 
C)  strategy 
D)  policy 
A)  mission 
B)  vision 
C)  strategy 
D)  policy

Question 17

Establishing a contact number of hot line is an aspect of ____ planning.

Accepted Answer

A)  business continuity 
B)  incident response 
C)  attack 
D)  crisis management 
A)  business continuity 
B)  incident response 
C)  attack 
D)  crisis management

Question 18

Match each item with a statement below.
-Published, scrutinized, and ratified by a group.

Accepted Answer

A) managerial guidance SysSP document 
B) security training 
C) incident response 
D) business continuity plan 
E) information security policy
F)de jure
G)de facto
H)security blueprint
I)business impact analysis 
A) managerial guidance SysSP document 
B) security training 
C) incident response 
D) business continuity plan 
E) information security policy
F)de jure
G)de facto
H)security blueprint
I)business impact analysis

Question 19

____ are the specific instructions entered into a security system to regulate how it reacts to the data it receives.

Accepted Answer

A)  Access control matrices 
B)  Capability rules 
C)  Configuration rules 
D)  Access control lists 
A)  Access control matrices 
B)  Capability rules 
C)  Configuration rules 
D)  Access control lists

Question 20

A(n) ____ plan addresses the identification, classification, response, and recovery from an incident.

Accepted Answer

A)  incident response 
B)  disaster recovery 
C)  attack profile 
D)  business impact analysis 
A)  incident response 
B)  disaster recovery 
C)  attack profile 
D)  business impact analysis

Describe the benefits of a security newsletter.

What topics might an ISSP cover?

A security ____ is an outline of the overall information security strategy and a roadmap for planned changes to the organization's information security environment.

The ____ illustrates the ways in which people access information.

What criteria must a policy meet to be considered effective and legally enforceable?

Match each item with a statement below. -Investigation and assessment of the impact that various attacks can have on the organization.

The identification of critical business functions and the resources needed to support them is the cornerstone of the ____________________ plan.

Match each item with a statement below. -Created by management to guide the implementation and configuration of a specific technology so as to direct the way a technology is to be used to control the behavior of people in the organization.

____ planning prepares an organization to reestablish critical business operations during a disaster that affects operations at the primary site.

A(n) ____________________ is a set of specifications that identifies a piece of technology's authorized users and includes details on the rights and privileges those users have on that technology.

How does an EISP address an organization's need to comply with laws and regulations?

Match each item with a statement below. -Provides detailed information and hands-on instruction to employees to prepare them to perform their duties securely.

Practices, procedures, and guidelines effectively explain how to comply with ____.

A(n) ____ is detailed description of the activities that occur during an attack.

The analysis and prioritization of the business functions within the organization's departments, sections, divisions, groups, or other units to determine which are most vital to continued operations is called ____.

The ____ of an organization is a written statement of its purpose.

Establishing a contact number of hot line is an aspect of ____ planning.

Match each item with a statement below. -Published, scrutinized, and ratified by a group.

____ are the specific instructions entered into a security system to regulate how it reacts to the data it receives.

A(n) ____ plan addresses the identification, classification, response, and recovery from an incident.

Introduction to Information Security

Authenticating Users

Introduction to Firewalls

Packet Filtering

Firewall Configuration and Administration

Working With Proxy Servers and Application-Level Firewalls

Implementing the Bastion Host

Encryption - The Foundation for the Virtual Private Network

Setting up a Virtual Private Network

Filters

Exam 2: Security Policies and Standards

Describe the benefits of a security newsletter.

What topics might an ISSP cover?

A security ____ is an outline of the overall information security strategy and a roadmap for planned changes to the organization's information security environment.

The ____ illustrates the ways in which people access information.

What criteria must a policy meet to be considered effective and legally enforceable?

Match each item with a statement below. -Investigation and assessment of the impact that various attacks can have on the organization.

The identification of critical business functions and the resources needed to support them is the cornerstone of the ____________________ plan.

Match each item with a statement below. -Created by management to guide the implementation and configuration of a specific technology so as to direct the way a technology is to be used to control the behavior of people in the organization.

____ planning prepares an organization to reestablish critical business operations during a disaster that affects operations at the primary site.

A(n) ____________________ is a set of specifications that identifies a piece of technology's authorized users and includes details on the rights and privileges those users have on that technology.

How does an EISP address an organization's need to comply with laws and regulations?

Match each item with a statement below. -Provides detailed information and hands-on instruction to employees to prepare them to perform their duties securely.

Practices, procedures, and guidelines effectively explain how to comply with ____.

A(n) ____ is detailed description of the activities that occur during an attack.

The analysis and prioritization of the business functions within the organization's departments, sections, divisions, groups, or other units to determine which are most vital to continued operations is called ____.

The ____ of an organization is a written statement of its purpose.

Establishing a contact number of hot line is an aspect of ____ planning.

Match each item with a statement below. -Published, scrutinized, and ratified by a group.

____ are the specific instructions entered into a security system to regulate how it reacts to the data it receives.

A(n) ____ plan addresses the identification, classification, response, and recovery from an incident.

Introduction to Information Security

Authenticating Users

Introduction to Firewalls

Packet Filtering

Firewall Configuration and Administration

Working With Proxy Servers and Application-Level Firewalls

Implementing the Bastion Host

Encryption - The Foundation for the Virtual Private Network

Setting up a Virtual Private Network

Filters