Chat with AIExam 5: Developing the Security Program
Exam 1: Introduction to the Management of Information Security63 Questions
Exam 2: Compliance: Law and Ethics50 Questions
Exam 3: Governance and Strategic Planning for Security52 Questions
Exam 4: Information Security Policy56 Questions
Exam 5: Developing the Security Program55 Questions
Exam 6: Risk Management: Identifying and Assessing Risk60 Questions
Exam 7: Risk Management: Controlling Risk60 Questions
Exam 8: Security Management Models60 Questions
Exam 9: Security Management Practices59 Questions
Exam 10: Planning for Contingencies60 Questions
Exam 11: Personnel and Security60 Questions
Exam 12: Protection Mechanisms61 Questions
Select questions type
The information security ____________________ is usually brought in when the organization makes the decision to outsource one or more aspects of its security program.
Free
(Short Answer)
5.0/5 
(36)
(36) Correct Answer:
Verified
Verifiedconsultant
Most information security projects require a trained project developer._________________________
Free
(True/False)
4.9/5 (32)
(32) Correct Answer:Verified
VerifiedFalse
The work breakdown structure (WBS)can only be prepared with a complex specialized desktop PC application.
Free
(True/False)
4.9/5 (36)
(36) Correct Answer:Verified
VerifiedFalse
Each organization has to determine its own project management methodology for IT and information security projects.
(True/False)
4.9/5 (35)
(35) An organization carries out a risk ____________________ function to evaluate risks present in IT initiatives and/or systems.
(Short Answer)
4.9/5 (38)
(38) The goal of a security ____________________ program is to keep information security at the forefront of users' minds on a daily basis.
(Short Answer)
4.8/5 (23)
(23) The project planner should describe the skills or personnel needed for a task,often referred to as a(n)____________________,needed to accomplish a task.
(Short Answer)
4.7/5 (39)
(39) What is the security education,training,and awareness program? Describe how the program aims to enhance security.
(Essay)
4.8/5 (37)
(37) The three methods for selecting or developing advanced technical training are by job category,by job function,and by ____________________.
(Short Answer)
4.9/5 (34)
(34) What are some of the variables that determine how a given organization chooses to construct its InfoSec program?
(Essay)
4.9/5 (33)
(33) Which of the following is true about a company's InfoSec awareness Web site?
(Multiple Choice)
4.8/5 (26)
(26) Which security functions are normally performed by IT groups outside the InfoSec area of management control?
(Essay)
4.8/5 (32)
(32) The ____________________ program is designed to reduce the occurrence of accidental security breaches by members of the organization.
(Short Answer)
4.9/5 (35)
(35) The first step in the work breakdown structure (WBS)approach encompasses activities,but not deliverables.
(True/False)
4.8/5 (33)
(33) Legal assessment for the implementation of the information security program is almost always done by the information security or IT departments.
(True/False)
4.7/5 (30)
(30) Which of the following is an advantage of the user support group form of training?
(Multiple Choice)
4.8/5 (37)
(37) A(n)____________________ is a specific point in the project plan when a task that has a noticeable impact on plan's the progress is complete.
(Short Answer)
4.7/5 (33)
(33) What is the Chief Information Security Office primarily responsible for?
(Essay)
4.8/5 (32)
(32) Which of the following is the most cost-effective method for disseminating security information and news to employees?
(Multiple Choice)
4.8/5 (41)
(41) 
Filters
- Essay(0)
- Multiple Choice(0)
- Short Answer(0)
- True False(0)
- Matching(0)