30 Jan
SEC440 Information Systems Security Planning and Audit
Week 2 Quiz
Question 1
(TCO 1) Why is it important to prepare written policies?
It lets the policies be communicated more easily.
This helps to ensure consistency.
A policy is part of the corporate culture.
It is required by law.
Question 2
(TCO 2) What does CIA stand for?
Confidentiality, integrity, and authorization
Confidentiality, integrity, and accountability
Confidentiality, integrity, and authentication
Confidentiality, integrity, and availability
Question 3
(TCO 1) The disciplinary process indicated in an information security policy enforcement clause usually includes which of the following most severe punishments?
Dismissal or criminal prosecution
Loss of one month’s pay
Demotion to a lower level
Transfer to another division in the company
Question 4
(TCO 2) Which of the following is true of procedures?
Procedures focus on sequential actions or steps, which are the instructions needed to carry out a policy statement.
Procedures must be changed every 30 days.
Procedures are a prerequisite to developing a policy; they must exist before you can write a policy.
Procedures are suggestions for the best way to accomplish a certain task.
Question 5
(TCO 1) Why is it important for leadership to set a tone of compliance with policy?
The rest of the organization feels better about following the rules.
It is part of leaders’ jobs.
Management includes some of the worst offenders.
The leaders are the ones who write the policies.
Question 6
(TCO 2) Which of the following is NOT an example of social engineering?
Calling an employee on the phone and impersonating an IT consultant to learn passwords
Running a password-cracking utility against a web server
Dressing up as a UPS employee and gaining access to sensitive areas of a business
Posing as a potential customer in a bank and gaining access to a computer terminal by pretending to need to send an e-mail
Question 7
(TCO 1) Which is the preferred approach to organizing information security policies, procedures, standards, and guidelines?
Combine policies and procedures.
Keep the policy documents separate from the procedures, standards, and guidelines.
Combine standards and guidelines.
Keep them all separate.
Question 8
(TCO 2) Match the following terms to their meanings.
Change driver
Any event that impacts culture, procedures, and activities within an organization
Acceptable use agreement
List of actions that employees are not allowed to perform while using company-provided equipment
Statement of authority
Introduction to the policy document
Security policy document policy
Policy about a policy
Question 9
(TCO 1) Which of the following best describes how the penalties defined in the Policy Enforcement Clause should relate to the infractions?
Any infraction should result in suspension or termination.
The same penalty should apply each time an infraction occurs.
The penalty should be proportional to the level of risk incurred as a result of the infraction.
Penalties should be at the discretion of management.
Question 10
(TCO 2) An employee accidentally makes changes to a company-owned file. This is known as a violation of
data confidentiality.
data integrity.
data availability.
data authorization.
Question 11
(TCO 1) Why is it important to remind people about best practice information security behaviors?
This approach is a mandatory requirement of information security policies.
Reminders are the least expensive way to ensure compliance with policies.
It ensures they are aware that management is watching them.
Reminders reinforce their knowledge and help them better understand expectations.
Question 12
(TCO 2) Which of the following federal regulations pertains to the medical field?
FERPA
GLBA
HIPAA
SOX
Question 13
(TCO 1) The setup instructions that come in the box when you buy a new printer are an example of which of the following?
Standards
Procedures
Guidelines
Policies
Question 14
(TCO 2) Which of the following federal regulations pertains to the educational field?
FERPA
GLBA
HIPAA
SOX
Question 15
(TCO 1) Which of the following is a good way to help ensure that your company’s information security policies represent best practices?
Base them on current industry standards for practices and technology.
Provide little or no opportunity for policy exceptions to be granted.
Copy key parts of similar policies you find on the Internet.
Keep the suggested guidelines to a minimum, and focus on mandatory standards.