Exam 4: Information Security Policy
Exam 1: Introduction to the Management of Information Security63 Questions
Exam 2: Compliance: Law and Ethics50 Questions
Exam 3: Governance and Strategic Planning for Security52 Questions
Exam 4: Information Security Policy56 Questions
Exam 5: Developing the Security Program65 Questions
Exam 6: Risk Management: Identifying and Assessing Risk60 Questions
Exam 7: Risk Management: Controlling Risk60 Questions
Exam 8: Security Management Models60 Questions
Exam 9: Security Management Practices59 Questions
Exam 10: Planning for Contingencies60 Questions
Exam 11: Personnel and Security60 Questions
Exam 12: Protection Mechanisms61 Questions
Select questions type
Information security policies are designed to provide structure in the workplace and explain the will of the organization's management.
(True/False)
Correct Answer:
True
____________________ include the user access lists, matrices, and capability tables that govern the rights and privileges of users.
(Short Answer)
Correct Answer:
Access control lists (ACLs)
The responsibilities of both the users and the systems administrators with regard to specific systems administration duties should be specified in the ____________________ section of the ISSP.
(Short Answer)
Correct Answer:
Systems Management
Nonmandatory recommendations that the employee may use as a reference in complying with a policy are known as regulations.
(True/False)
The three types of information security policies include the enterprise information security policy, the issue-specific security policy, and the ____________________ security policy.
(Short Answer)
Which of the following is an element of the enterprise information security policy?
(Multiple Choice)
Which of the following is a disadvantage of the individual policy approach to creating and managing ISSPs?
(Multiple Choice)
Which of the following is NOT one of the basic rules that must be followed when shaping a policy?
(Multiple Choice)
What is the final component of the design and implementation of effective policies? Describe this component.
(Essay)
In the bull's-eye model, the ____________________ layer is the place where threats from public networks meet the organization's networking infrastructure.
(Short Answer)
Examples of actions that illustrate compliance with policies are known as laws.
(True/False)
The champion and manager of the information security policy is called the ____________________.
(Short Answer)
Which type of document is a more detailed statement of what must be done to comply with a policy?
(Multiple Choice)
The 'Authorized Uses' section of an ISSP specifies what the identified technology cannot be used for.
(True/False)
Which of the following are instructional codes that guide the execution of the system when information is passing through it?
(Multiple Choice)
Which of the following is NOT among the three types of InfoSec policies based on NIST's Special Publication 800-14?
(Multiple Choice)
A detailed statement of what must be done to comply with policy, sometimes viewed as the rules governing policy compliance.
(Multiple Choice)
Since most policies are drafted by a single person and then reviewed by a higher-level manager, employee input should not be considered since it makes the process too complex.
(True/False)
Showing 1 - 20 of 56