Exam 5: Developing the Security Program
According to Briney and Prince, "Security spending per user and per machine declines exponentially as organizations grow."
(True/False)
Which of the following functions needed to implement the information security program evaluates patches used to close software vulnerabilities and acceptance testing of new systems to assure compliance with policy and effectiveness?
(Multiple Choice)
In small organizations, security training and awareness is most commonly conducted on a one-on-one basis.
(True/False)
A convenient time to conduct training for general users is during employee orientation._________________________
(True/False)
A security trinket program is one of the most expensive security awareness programs._________________________
(True/False)
Security managers are accountable for the day-to-day operation of the information security program._________________________
(True/False)
Small organizations spend more per user on security than medium- and large-sized organizations.
(True/False)
Legal assessment for the implementation of the information security program is almost always done by the information security or IT departments.
(True/False)
The professional agencies such as SANS, ISC2, ISSA and CSI offer industry training conferences and programs that are ideal for the average employee.
(True/False)
____ is the term used to describe the structure and organization of the effort that strives to contain the risks to the information assets of the organization.
(Multiple Choice)
Advanced technical training can be selected or developed based on job category, job function, or ____.
(Multiple Choice)
The three methods for selecting or developing advanced technical training are by job category, by job function, and by ____________________.
(Short Answer)
Very large organizations tend to have the largest budget per user of all organizational sizes discussed._________________________
(True/False)
In large organizations the information security department is often headed by the CISO who reports directly to the ____.
(Multiple Choice)
Security awareness and security training are designed to modify any employee behavior that endangers the security of the organization's information._________________________
(True/False)
Which of the following functions needed to implement the information security program implements and oversees the use of controls to reduce risk?
(Multiple Choice)
The scope of the security training program should focus on information security personnel responsible for the protection of organizational information assets.
(True/False)
A ____ program keeps information security at the forefront of users' minds on a daily basis.
(Multiple Choice)