Exam 7: Security Management Practices


Which of the following is the first phase in the NIST process for performance measures implementation?

(Multiple Choice)

In security management, ____ is "the comprehensive evaluation of the technical and nontechnical security controls of an IT system to support the process that establishes the extent to which a particular design and implementation meets a set of specified security requirements."

(Multiple Choice)

Another way to create a blueprint is to look at the paths taken by organizations similar to the one whose plan you are developing, known as baselining.

(True/False)

One of the factors critical to the success of an information security performance program is practical information security ____________________ and procedures.

(Short Answer)

Best security practices balance the need for information ____________________ with the need for adequate protection while simultaneously demonstrating fiscal responsibility.

(Short Answer)

Performance ____________________ make it possible to define success in the security program.

(Short Answer)

"Good security now is better than perfect security never."

(True/False)

Which of the following would NOT be a valuable performance measure?

(Multiple Choice)

Which of the following is NOT a factor critical to the success of an information security performance program?

(Multiple Choice)

One of the critical tasks in the performance measurement process is to assess and ____ what will be measured.

(Multiple Choice)

Because "organizations ____________________ what they measure," it is important to ensure that individual metrics are prioritized in the same manner as the performance they measure.

(Short Answer)

Which of the following is NOT one of the three types of performance measures used by organizations?

(Multiple Choice)

When choosing from among recommended practices, an organization should ask if it resembles the target organization of the recommended practice. _________________________

(True/False)

Another problem with benchmarking is that no two organizations are similar. _________________________

(True/False)

In security management, ____ is the authorization of an IT system to process, store, or transmit information.

(Multiple Choice)

Once developed, information security performance measures must be implemented and integrated into ongoing information security management operations. For the most part, it is sufficient to collect these measures once.

(True/False)

Industries that are regulated by governmental agencies are required to meet government guidelines in their security practices. _________________________

(True/False)

Because "organizations manage what they measure," it is important to ensure that individual metrics are reported in the same manner as the performance they measure. _________________________

(True/False)

The typical length of certification and/or accreditation is ____.

(Multiple Choice)

The platinum standard is a model level of performance that demonstrates industrial leadership, quality, and concern for the protection of information.

(True/False)
Showing 81 - 100 of 114