Question 1

Some policies incorporate a ____ indicating a specific date the policy will expire.

Accepted Answer

A)  sunrise clause 
B)  moonbeam requirement 
C)  sunshine policy 
D)  sunset clause 
A)  sunrise clause 
B)  moonbeam requirement 
C)  sunshine policy 
D)  sunset clause

Question 2

The Flesch-Kincaid Grade Level score evaluates writing on a U.S.grade-school level.

Accepted Answer

A) True 
 B)False

Question 3

The steps outlined in guidelines must meet the requirements of the standards from which they were created.

Accepted Answer

A) True 
 B)False

Question 4

The ____________________ information security program policy is the highest level of policy.

Accepted Answer

The answer of The ____________________ information security program policy is...

Question 5

All rule-based policies must deal with users directly.

Accepted Answer

A) True 
 B)False

Question 6

It is during the design phase of the SecSDLC that the policy development team must provide for policy distribution._________________________

Accepted Answer

A) True 
 B)False

Question 7

Standards are created from ____.

Accepted Answer

A)  policies 
B)  guidelines 
C)  procedures 
D)  practices 
A)  policies 
B)  guidelines 
C)  procedures 
D)  practices

Question 8

____________________ are the specific configuration codes entered into security systems to guide the execution of the system when information is passing through it.

Accepted Answer

The answer of ____________________ are the specific configuration codes entered...

Question 9

When a policy is created and distributed without software automation tools,it is often not clear which manager has approved it.

Accepted Answer

A) True 
 B)False

Question 10

The two general methods of implementing technical controls are access control lists and configuration rules._________________________

Accepted Answer

A) True 
 B)False

Question 11

For policies to be effective,they must be properly formally agreed to by act or ____________________.

Accepted Answer

The answer of For policies to be effective,they must be...

Question 12

SysSPs can be separated into two general groups: managerial guidance and ____________________.

Accepted Answer

technical

Question 13

Describe the advantages and disadvantages of using a modular approach for creating and managing the ISSP.

Accepted Answer

The advantages of the modular ISSP polic

Some policies incorporate a ____ indicating a specific date the policy will expire.

The Flesch-Kincaid Grade Level score evaluates writing on a U.S.grade-school level.

The steps outlined in guidelines must meet the requirements of the standards from which they were created.

The ____________________ information security program policy is the highest level of policy.

All rule-based policies must deal with users directly.

It is during the design phase of the SecSDLC that the policy development team must provide for policy distribution._________________________

Standards are created from ____.

____________________ are the specific configuration codes entered into security systems to guide the execution of the system when information is passing through it.

When a policy is created and distributed without software automation tools,it is often not clear which manager has approved it.

The two general methods of implementing technical controls are access control lists and configuration rules._________________________

For policies to be effective,they must be properly formally agreed to by act or ____________________.

SysSPs can be separated into two general groups: managerial guidance and ____________________.

Describe the advantages and disadvantages of using a modular approach for creating and managing the ISSP.

Introduction to the Management of Information Security

Planning for Security

Planning for Contingencies

Developing the Security Program

Security Management Models

Security Management Practices

Risk Management: Identifying and Assessing Risk

Risk Management: Controlling Risk

Protection Mechanisms

Personnel and Security

Law and Ethics

Filters

Exam 4: Information Security Policy

Some policies incorporate a ____ indicating a specific date the policy will expire.

The Flesch-Kincaid Grade Level score evaluates writing on a U.S.grade-school level.

The steps outlined in guidelines must meet the requirements of the standards from which they were created.

The ____________________ information security program policy is the highest level of policy.

All rule-based policies must deal with users directly.

It is during the design phase of the SecSDLC that the policy development team must provide for policy distribution._________________________

Standards are created from ____.

____________________ are the specific configuration codes entered into security systems to guide the execution of the system when information is passing through it.

When a policy is created and distributed without software automation tools,it is often not clear which manager has approved it.

The two general methods of implementing technical controls are access control lists and configuration rules._________________________

For policies to be effective,they must be properly formally agreed to by act or ____________________.

SysSPs can be separated into two general groups: managerial guidance and ____________________.

Describe the advantages and disadvantages of using a modular approach for creating and managing the ISSP.

Introduction to the Management of Information Security

Planning for Security

Planning for Contingencies

Developing the Security Program

Security Management Models

Security Management Practices

Risk Management: Identifying and Assessing Risk

Risk Management: Controlling Risk

Protection Mechanisms

Personnel and Security

Law and Ethics

Filters