Question 1

The purpose of SETA is to enhance security in all but which of the following ways?

Accepted Answer

A)  by building in-depth knowledge 
B)  by adding barriers 
C)  by developing skills 
D)  by improving awareness 
A)  by building in-depth knowledge 
B)  by adding barriers 
C)  by developing skills 
D)  by improving awareness

Question 2

An organization's information security program refers to theentire set of activities,resources,personnel,and technologies used by an organization to manage the risks to the information _______ of the organization.

Accepted Answer

The answer of An organization's information security program refers to...

Question 3

Small organizations spend more per user on security than medium- and large-sized organizations.

Accepted Answer

A) True 
 B)False

Question 4

In the early stages of planning,the project planner should attempt to specify completion dates only for major employees within the project._________________________

Accepted Answer

A) True 
 B)False

Question 5

Which function needed to implement the information security program includes researching,creating,maintaining,and promoting information security plans?

Accepted Answer

A)  compliance 
B)  policy 
C)  planning 
D)  systems security administration 
A)  compliance 
B)  policy 
C)  planning 
D)  systems security administration

Question 6

Which of the following is NOT among the functions typically performed within the InfoSec department as a compliance enforcement obligation?

Accepted Answer

A)  policy 
B)  centralized authentication 
C)  compliance/audit 
D)  risk management 
A)  policy 
B)  centralized authentication 
C)  compliance/audit 
D)  risk management

Question 7

Advanced technical training can be selected or developed based on which of the following?

Accepted Answer

A)  level of previous education 
B)  level of previous training 
C)  technology product 
D)  number of employees 
A)  level of previous education 
B)  level of previous training 
C)  technology product 
D)  number of employees

Question 8

Which of the following is a disadvantage of the one-on-one training method?

Accepted Answer

A)  Inflexible 
B)  May not be responsive to the needs of all the trainees 
C)  Content may not be customized to the needs of the organization 
D)  Resource intensive, to the point of being inefficient 
A)  Inflexible 
B)  May not be responsive to the needs of all the trainees 
C)  Content may not be customized to the needs of the organization 
D)  Resource intensive, to the point of being inefficient

Question 9

Which of the following is true about the security staffing,budget,and needs of a medium-sized organization?

Accepted Answer

A)  they have a larger security staff than a small organization 
B)  they have a larger security budget (as percent of IT budget) than a small organization 
C)  they have a smaller security budget (as percent of IT budget) than a large organization 
D)  they have larger information security needs than a small organization 
A)  they have a larger security staff than a small organization 
B)  they have a larger security budget (as percent of IT budget) than a small organization 
C)  they have a smaller security budget (as percent of IT budget) than a large organization 
D)  they have larger information security needs than a small organization

Question 10

List the steps of the seven-step methodology for implementing training.

Accepted Answer

The seven-step methodology for implement

Question 11

Which of the following variables is the most influential in determining how to structure an information security program?

Accepted Answer

A)  Security capital budget 
B)  Organizational size 
C)  Security personnel budget 
D)  Organizational culture 
A)  Security capital budget 
B)  Organizational size 
C)  Security personnel budget 
D)  Organizational culture

Question 12

GGG security is commonly used to describe which aspect of security?

Accepted Answer

A)  technical 
B)  software 
C)  physical 
D)  theoretical 
A)  technical 
B)  software 
C)  physical 
D)  theoretical

Question 13

Project ____________________is adescription of a project's features,capabilities,functions,and quality level,used as the basis of a project plan.

Accepted Answer

The answer of Project ____________________is adescription of a project's features,capabilities,functions,and...

Question 14

What is the purpose of a security awareness program?What advantage does an awareness program have for the InfoSec program?

Accepted Answer

A security awareness program keeps InfoS

Question 15

Which of the following is NOT a step in the process of implementing training?

Accepted Answer

A)  administer the program 
B)  hire expert consultants 
C)  motivate management and employees 
D)  identify target audiences 
A)  administer the program 
B)  hire expert consultants 
C)  motivate management and employees 
D)  identify target audiences

The purpose of SETA is to enhance security in all but which of the following ways?

An organization's information security program refers to theentire set of activities,resources,personnel,and technologies used by an organization to manage the risks to the information _______ of the organization.

Small organizations spend more per user on security than medium- and large-sized organizations.

In the early stages of planning,the project planner should attempt to specify completion dates only for major employees within the project._________________________

Which function needed to implement the information security program includes researching,creating,maintaining,and promoting information security plans?

Which of the following is NOT among the functions typically performed within the InfoSec department as a compliance enforcement obligation?

Advanced technical training can be selected or developed based on which of the following?

Which of the following is a disadvantage of the one-on-one training method?

Which of the following is true about the security staffing,budget,and needs of a medium-sized organization?

List the steps of the seven-step methodology for implementing training.

Which of the following variables is the most influential in determining how to structure an information security program?

GGG security is commonly used to describe which aspect of security?

Project ____________________is adescription of a project's features,capabilities,functions,and quality level,used as the basis of a project plan.

What is the purpose of a security awareness program?What advantage does an awareness program have for the InfoSec program?

Which of the following is NOT a step in the process of implementing training?

Introduction to the Management of Information Security

Compliance: Law and Ethics

Governance and Strategic Planning for Security

Information Security Policy

Risk Management: Identifying and Assessing Risk

Risk Management: Controlling Risk

Security Management Models

Security Management Practices

Planning for Contingencies

Personnel and Security

Protection Mechanisms

Filters

Exam 5: Developing the Security Program

The purpose of SETA is to enhance security in all but which of the following ways?

An organization's information security program refers to theentire set of activities,resources,personnel,and technologies used by an organization to manage the risks to the information _______ of the organization.

Small organizations spend more per user on security than medium- and large-sized organizations.

In the early stages of planning,the project planner should attempt to specify completion dates only for major employees within the project._________________________

Which function needed to implement the information security program includes researching,creating,maintaining,and promoting information security plans?

Which of the following is NOT among the functions typically performed within the InfoSec department as a compliance enforcement obligation?

Advanced technical training can be selected or developed based on which of the following?

Which of the following is a disadvantage of the one-on-one training method?

Which of the following is true about the security staffing,budget,and needs of a medium-sized organization?

List the steps of the seven-step methodology for implementing training.

Which of the following variables is the most influential in determining how to structure an information security program?

GGG security is commonly used to describe which aspect of security?

Project ____________________is adescription of a project's features,capabilities,functions,and quality level,used as the basis of a project plan.

What is the purpose of a security awareness program?What advantage does an awareness program have for the InfoSec program?

Which of the following is NOT a step in the process of implementing training?

Introduction to the Management of Information Security

Compliance: Law and Ethics

Governance and Strategic Planning for Security

Information Security Policy

Risk Management: Identifying and Assessing Risk

Risk Management: Controlling Risk

Security Management Models

Security Management Practices

Planning for Contingencies

Personnel and Security

Protection Mechanisms

Filters