Question 1

The average amount spent on security per user in a(n)very large

Accepted Answer

A) True 
 B)False

Question 2

The purpose of the CAEIAE program is to enhance security by building in-depth knowledge,by developing security-related skills and knowledge,by improving awareness of the need to protect system resources._________________________

Accepted Answer

A) True 
 B)False

Question 3

____ shifts responsibility for training onto the trainee,with little formal support.

Accepted Answer

A)  Self-study (noncomputerized) 
B)  One-on-one training 
C)  Distance learning/Web seminars 
D)  Computer-based training 
A)  Self-study (noncomputerized) 
B)  One-on-one training 
C)  Distance learning/Web seminars 
D)  Computer-based training

Question 4

Security education involves providing members of the organization with detailed information and hands-on instruction to enable them to perform their duties securely._________________________

Accepted Answer

A) True 
 B)False

Question 5

Providing training to general users on policies ensures that those policies will be read and understood.

Accepted Answer

A) True 
 B)False

Question 6

An organization's information security Web site should be placed on the Internet._________________________

Accepted Answer

A) True 
 B)False

Question 7

____ involves providing members of the organization with detailed information and hands-on instruction to enable them to perform their duties securely.

Accepted Answer

A)  Security awareness 
B)  Security education 
C)  Security accountability 
D)  Security training 
A)  Security awareness 
B)  Security education 
C)  Security accountability 
D)  Security training

Question 8

The size of the information security budget usually corresponds to the size of the organization.

Accepted Answer

A) True 
 B)False

Question 9

Researching,creating,maintaining,and promoting information security plans is part of the ____ function needed to implement the information security program.

Accepted Answer

A)  systems testing 
B)  policy 
C)  planning 
D)  systems security administration 
A)  systems testing 
B)  policy 
C)  planning 
D)  systems security administration

Question 10

Technically qualified individuals who configure firewalls and IDSs,implement security software,diagnose and troubleshoot problems,and coordinate with systems and network administrators to ensure that security technology is properly implemented are referred to as ____________________.

Accepted Answer

security t

Question 11

A disadvantage of offering training in a formal class is that it ____.

Accepted Answer

A)  is very expensive 
B)  may not be sufficiently responsive to the needs of all trainees 
C)  can result in substandard work performance until trainee gets up to speed 
D)  shifts responsibility for the training onto the trainee 
A)  is very expensive 
B)  may not be sufficiently responsive to the needs of all trainees 
C)  can result in substandard work performance until trainee gets up to speed 
D)  shifts responsibility for the training onto the trainee

Question 12

An organization's size is the variable that has the greatest influence on the structure of the organization's information security program._________________________

Accepted Answer

A) True 
 B)False

Question 13

A study of information security positions found that positions can be classified into one of three types: ____________________ provide the policies,guidelines,and standards.They're the people who do the consulting and the risk assessment,who develop the product and technical architectures.

Accepted Answer

The answer of A study of information security positions found...

Question 14

What is the security education,training,and awareness program? Describe how the program aims to enhance security.

Accepted Answer

The security education,training,and awar

Question 15

In the self-study method of training,trainees learn the specifics of their jobs through performing their jobs.

Accepted Answer

A) True 
 B)False

Question 16

Which of the following should be conducted in smaller groups?

Accepted Answer

A)  Training for IT staff 
B)  Training for security staff 
C)  Training for general users 
D)  Training for managers 
A)  Training for IT staff 
B)  Training for security staff 
C)  Training for general users 
D)  Training for managers

Question 17

Security spending per user and per machine ____________________ exponentially as organizations grow,leaving most handcuffed when it comes to implementing effective security procedures.

Accepted Answer

The answer of Security spending per user and per machine...

Question 18

According to Charles Cresson Wood,"Reporting directly to top management is not advisable for the Information Security Department Manager [or CISO] because it impedes objectivity and the ability to perceive what's truly in the best interest of the organization as a whole,rather than what's in the best interest of a particular department."

Accepted Answer

A) True 
 B)False

Question 19

In the ____________________ method of training,a trainer works with a single trainee at one time.

Accepted Answer

one-on-one

Question 20

An organization's information security awareness Web site should ____.

Accepted Answer

A)  contain large images 
B)  be designed for the latest computer technology 
C)  be placed on the Internet 
D)  be tested with multiple browsers 
A)  contain large images 
B)  be designed for the latest computer technology 
C)  be placed on the Internet 
D)  be tested with multiple browsers

The average amount spent on security per user in a(n)very large

The purpose of the CAEIAE program is to enhance security by building in-depth knowledge,by developing security-related skills and knowledge,by improving awareness of the need to protect system resources._________________________

____ shifts responsibility for training onto the trainee,with little formal support.

Security education involves providing members of the organization with detailed information and hands-on instruction to enable them to perform their duties securely._________________________

Providing training to general users on policies ensures that those policies will be read and understood.

An organization's information security Web site should be placed on the Internet._________________________

____ involves providing members of the organization with detailed information and hands-on instruction to enable them to perform their duties securely.

The size of the information security budget usually corresponds to the size of the organization.

Researching,creating,maintaining,and promoting information security plans is part of the ____ function needed to implement the information security program.

Technically qualified individuals who configure firewalls and IDSs,implement security software,diagnose and troubleshoot problems,and coordinate with systems and network administrators to ensure that security technology is properly implemented are referred to as ____________________.

A disadvantage of offering training in a formal class is that it ____.

An organization's size is the variable that has the greatest influence on the structure of the organization's information security program._________________________

A study of information security positions found that positions can be classified into one of three types: ____________________ provide the policies,guidelines,and standards.They're the people who do the consulting and the risk assessment,who develop the product and technical architectures.

What is the security education,training,and awareness program? Describe how the program aims to enhance security.

In the self-study method of training,trainees learn the specifics of their jobs through performing their jobs.

Which of the following should be conducted in smaller groups?

Security spending per user and per machine ____________________ exponentially as organizations grow,leaving most handcuffed when it comes to implementing effective security procedures.

In the ____________________ method of training,a trainer works with a single trainee at one time.

An organization's information security awareness Web site should ____.

Introduction to the Management of Information Security

Planning for Security

Planning for Contingencies

Information Security Policy

Security Management Models

Security Management Practices

Risk Management: Identifying and Assessing Risk

Risk Management: Controlling Risk

Protection Mechanisms

Personnel and Security

Law and Ethics

Filters

Exam 5: Developing the Security Program

The average amount spent on security per user in a(n)very large

The purpose of the CAEIAE program is to enhance security by building in-depth knowledge,by developing security-related skills and knowledge,by improving awareness of the need to protect system resources._________________________

____ shifts responsibility for training onto the trainee,with little formal support.

Security education involves providing members of the organization with detailed information and hands-on instruction to enable them to perform their duties securely._________________________

Providing training to general users on policies ensures that those policies will be read and understood.

An organization's information security Web site should be placed on the Internet._________________________

____ involves providing members of the organization with detailed information and hands-on instruction to enable them to perform their duties securely.

The size of the information security budget usually corresponds to the size of the organization.

Researching,creating,maintaining,and promoting information security plans is part of the ____ function needed to implement the information security program.

Technically qualified individuals who configure firewalls and IDSs,implement security software,diagnose and troubleshoot problems,and coordinate with systems and network administrators to ensure that security technology is properly implemented are referred to as ____________________.

A disadvantage of offering training in a formal class is that it ____.

An organization's size is the variable that has the greatest influence on the structure of the organization's information security program._________________________

A study of information security positions found that positions can be classified into one of three types: ____________________ provide the policies,guidelines,and standards.They're the people who do the consulting and the risk assessment,who develop the product and technical architectures.

What is the security education,training,and awareness program? Describe how the program aims to enhance security.

In the self-study method of training,trainees learn the specifics of their jobs through performing their jobs.

Which of the following should be conducted in smaller groups?

Security spending per user and per machine ____________________ exponentially as organizations grow,leaving most handcuffed when it comes to implementing effective security procedures.

In the ____________________ method of training,a trainer works with a single trainee at one time.

An organization's information security awareness Web site should ____.

Introduction to the Management of Information Security

Planning for Security

Planning for Contingencies

Information Security Policy

Security Management Models

Security Management Practices

Risk Management: Identifying and Assessing Risk

Risk Management: Controlling Risk

Protection Mechanisms

Personnel and Security

Law and Ethics

Filters