Deck 11: Personnel and Security
1
The general management community of interest should integrate solid information security concepts across all of the organization's employment policies and practices.
True
2
CISOs are primarily charged with the day-to-day operation of the information security program.
False
3
Most hiring organizations are aware of the precise value of information security certifications because these programs have been in existence for a long time.
False
4
Handling a problem with information unavailability is within the duties of the Information Security Department Manager and his or her staff.
Unlock for access to all 133 flashcards in this deck.
5
One of the responsibilities of a CISO is to coordinate and perform reviews of contracts, projects, and proposals.
6
The CISO position in an organization is usually an executive-level position and frequently reports to the CIO.
7
In their efforts to hire an effective mix of information security personnel, organizations have control over the supply and demand of varied skills and experience levels that the market has to offer.
8
CompTIA's Security+ certification tests for security knowledge mastery of an individual with no on-the-job network experience, and is focused on CompTIA's line of security equipment.
9
An information security engineer has the responsibility of redesigning and reengineering internal information handling processes so that information is appropriately protected from a wide variety of problems.
10
Like the MCSE and CNE exams, the SCP focuses on general networking concepts.
11
Automatic résumé scanning software can be set up to search for strings of characters that represent professional certifications.
12
A Computer Operations Manager's job title is classified as part of the information technology community of interest that may not have an information security job description but still has some information security responsibilities.
13
Similar to the case of other professions, overspecialization in information security can be an advantage.
14
When terminating an employee, the method of employee security outprocessing will generally depend on the employee's job responsibilities.
15
When advertising open positions, organizations should provide complete job descriptions including access privileges, in order to recruit the best candidate possible.
16
Many information security professionals have law enforcement or military experience.
17
In an organization, the security technician coordinates the information security efforts of all internal groups that have one or more information security-related responsibilities.
18
The GIAC family of certifications can be pursued independently or combined to earn a comprehensive certification called the GIAC Security Expert.
19
The CISA certification is a security certification that is appropriate for database, programming, and other IT professionals.
20
(ISC)²'s SSCP is considered to be the most prestigious certification for information security managers and CISOs.
21
Credit reports contain information on a job candidate's medical history, credit history, and other personal data.
22
It is easy to limit a temporary employee's access to only the information required for his or her assigned duties.
23
The CISSP has recently had three concentrations added: the Information Systems Security Architecture Professional (ISSAP), the Information Systems Security Engineering Professional (ISSEP) and the Information Systems Security Management Professional (ISSMP)._________________________
24
In addition to the responsibility of conducting investigations of information security violations, a(n) CISO has to work effectively with external law enforcement to resolve these situations._________________________
25
Security is generally a people problem and not a technological one.
26
In the classification of information security positions, the real technical types who create and install security solutions fall under the category of those that define._________________________
27
When two business partners integrate their information systems, the level of security of both systems must be examined before any physical integration takes place, as system connection means that vulnerability on one system becomes vulnerability for all linked systems.
28
Before extending an offer of employment, it is necessary to conduct a background check on any potential candidate, regardless of job level.
29
The International Information Systems Security Certification Consortium's most popular certification program is the CISM.__________________________________________________
30
Social engineering uses persuasive techniques to gain an individual's confidence in an effort to obtain information.
31
Typical temporary workers include groundskeepers, maintenance, services staff, electricians, mechanics, attorneys, technical consultants, and IT specialists.
32
The general management community of interest should learn more about the requirements and qualifications for information security positions in order to move the information security discipline forward._________________________
33
Organizations are required by LAW to protect sensitive or personal employee information, including personally identifying facts such as employee addresses, phone numbers, Social Security numbers, medical conditions, and even names and addresses of family members.
34
In an effort to push the information security discipline forward, middle management should learn more about personnel and information security budgetary needs._________________________
35
In a friendly departure, the resigning employee's account is usually allowed to continue with a new expiration date.
36
In the efforts to maintain effective personnel security practices, one of the threats to an organization's information is the inability to perform the tasks of an employee who is unable or unwilling to perform them.
37
The SSCP certification is considered to be a scaled-down version of the CISSP; however, the SSCP's domains are not a subset of the CISSP domains, but rather contain slightly more technical content._________________________
38
The SCP credential is geared toward experienced information security managers and others who may have information security management responsibilities, and includes areas of information security governance.________________________________________
39
The CISO has the responsibility of obtaining top management's approval and ongoing support for all major information security plans for his or her organization._________________________
40
The CISO is typically considered the top information security officer in an organization._________________________
41
Two methods for handling employee outprocessing, depending on the employee's reasons for leaving, include hostile departures and involuntary departures._________________________
42
Employees who perform security monitoring functions within an organization fall under the classification of information security positions that ____.
A) define
B) build
C) administer
D) audit
43
When conducting security checks on potential employees, organizations must comply with local regulations, including the Fair Credit Reporting Act (FCRA) regarding the use of personal information in employment practices._________________________
44
A background check of a potential candidate's criminal court history investigates his or her involvement as a plaintiff or defendant in a civil suit._________________________
45
By utilizing a(n) human RAID system of requiring employees to know at least one part of another person's job, an organization can survive the loss of any single employee._________________________
46
Contract workers are brought in by organizations to temporarily fill positions or to supplement the existing workforce._________________________
47
Hostile employee departures from a company are usually the most difficult to handle._________________________
48
A candidate for the CISO position should have experience as a ____.
A) security officer
B) security consultant
C) security technician
D) security manager
49
The principle of least access infers that employees should be able to access only the information they need, and only for the period required to perform their tasks._________________________
50
Employees who perform risk assessment functions within an organization fall under the classification of information security positions that ____.
A) define
B) administer
C) build
D) audit
51
The checks-and-balances method of two-man control requires multiple employees to be involved in order for a crime to occur, referred to as collusion._________________________
52
A(n) job rotation policy requires that multiple individuals within an organization can perform all critical tasks._________________________
53
____ tend to be business managers first and technologists second.
A) Security officers
B) CISOs
C) Security technicians
D) Security consultants
54
An employee management policy that includes an optional vacation of at least one week per year gives an organization the opportunity to perform a detailed review of everyone's work._________________________
55
A specific concern with consultants is their natural desire to share success stories with other clients._________________________
56
The day-to-day operation of the information security program is the responsibility of the ____.
A) CISO
B) security manager
C) security officer
D) security consultant
57
Security concerns associated with business partners are usually addressed in an agency contract._________________________
58
The CIFI program is currently being developed to evaluate expertise in the tasks and responsibilities of a security administrator or security manager, including incident response, working with law enforcement, and auditing._________________________
59
Task or job rotation is used to make it difficult for an individual to violate information security._________________________
60
Organizations should conduct periodic security awareness and training activities to keep security at the forefront of employees' minds and minimize employee mistakes._________________________
61
Which of the following is a domain of the CISSP certification?
A) Cryptography
B) Administration
C) Audit and monitoring
D) Malicious code/malware
62
Configuring firewalls and IDSs, implementing security software, and diagnosing and troubleshooting problems are some of the responsibilities of a ____.
A) security manager
B) CISO
C) security technician
D) security officer
63
Which of the following is a responsibility of an information security technician?
A) Developing information security requirements for the organization
B) Providing hands-on technical consulting services to teams of technical specialists
C) Establishing procedures for the identification of information assets
D) Managing the development of information security policies
64
Which of the following is NOT a CISSP concentration?
A) ISSAP
B) ISSCE
C) ISSMP
D) All of these are CISSP concentrations
65
In the GIAC program, the ____ certification is considered the comprehensive technical credential, covering the entire range of GIAC technical and managerial security knowledge.
A) GIAC Certified Firewall Analyst
B) GIAC Certified Incident Handler
C) GIAC Security Leadership Certificate
D) GIAC Security Engineer
66
When terminating an employee, how the security process is handled depends upon whether the termination is ____.
A) a retirement or a relocation
B) hostile or friendly
C) internal or external
D) voluntary or optional
67
A security technician usually reports to a ____ who in turn reports to a(n) ____.
A) security engineer; security manager
B) support staff member; analyst
C) CISO; CEO
D) security manager; CISO
68
The ____ certification program is an option for individuals who wish to take the CISSP or SSCP exams before obtaining the requisite experience for certification.
A) TICSA
B) SCP
C) MCSE
D) (ISC)² Associate
69
In addition to performing other tasks, many organizations conduct a(n) ____ to remind the employee of any contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee's tenure in the organization.
A) legal disclaimer
B) immediate severance
C) exit interview
D) out briefing
70
____ is a domain of the SSCP certification program.
A) Business continuity planning
B) Law, investigation, and ethics
C) Physical security
D) Administration
71
Which of the following job titles with information security elements is part of the IT community of interest?
A) Access control system administrator
B) Local InfoSec coordinator
C) Physical asset protection specialist
D) Business analyst
72
Which of the following job titles with information security elements is part of the information security community of interest?
A) Access control system administrator
B) InfoSys quality assurance analyst
C) Web site administrator
D) InfoSys analyst
73
The ____ takes the lead in the interviewing and hiring process and screens personnel.
A) security manager
B) security technician
C) security consultant
D) CISO
74
Currently the only advanced technical security certifications are offered by ____.
A) (ISC)²
B) ISACA
C) GIAC
D) ISO
75
Which of the following job titles with information security elements is part of the general business community of interest?
A) Computer operator
B) Systems administrator
C) Business contingency planner
D) Database administrator
76
Which of the following is a responsibility of an information security department manager?
A) Offering technical information security consulting services to network administrators
B) Running vulnerability identification software packages
C) Preparing post-mortem analyses of information security breaches
D) Training Access Control System administrators to set up firewalls
77
The ____ program offers a wide array of certification tracks and requires applicants to complete a written practical assignment that tests the application of skills and knowledge.
A) GIAC
B) SCP
C) (ISC)² Associate
D) TICSA
78
The ____ works with others who periodically run vulnerability identification software packages.
A) CISO
B) security engineer
C) security consultant
D) security officer
79
A common job title for a security technician in an organization is ____.
A) security manager
B) security engineer
C) security officer
D) security consultant
80
The ____ is considered the most prestigious certification for security managers and CISOs.
A) CISSP
B) GIAC
C) SSCP
D) SCP