CIS 481-20: INTRO TO INFORM SECURITY CH11

• Question 1

  1 out of 1 points

  	To maintain a secure facility, contract employees (such as electricians or vendor repair staff) should be escorted from room to room, as well as into and out of the facility.
  	Selected Answer:  True Correct Answer:  True

• Question 2

  2 out of 2 points

  	____ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization’s security technology is properly implemented.
  	Selected Answer:   Security technicians Correct Answer:  Security technicians

• Question 3

  2 out of 2 points

  	____ is a cornerstone in the protection of information assets and in the prevention of financial loss.
  	Selected Answer:   Separation of duties Correct Answer:  Separation of duties

• Question 4

  2 out of 2 points

  	The most common certification expected of a Chief Information Security Officer is the _____ .
  	Selected Answer:   CISSP Correct Answer:  CISSP

• Question 5

  2 out of 2 points

  	____ are accountable for the day-to-day operation of the information security program and generally report to the top information security officer in the organization.
  	Selected Answer:   Security managers Correct Answer:  Security managers

• Question 6

  2 out of 2 points

  	____ is the requirement that every employee be able to perform the work of another employee.
  	Selected Answer:   Task rotation Correct Answer:  Task rotation

• Question 7

  2 out of 2 points

  	The information security function can be placed within ____.
  	Selected Answer:   All of the above Correct Answer:  All of the above

• Question 8

  2 out of 2 points

  	Many information security professionals enter the field from traditional ____ assignments.
  	Selected Answer:   information technology Correct Answer:  information technology

• Question 9

  1 out of 1 points

  	The position of security technician is often offered as an entry-level position.
  	Selected Answer:  True Correct Answer:  True

• Question 10

  1 out of 1 points

  	Friendly departures include termination for cause, permanent downsizing, temporary lay-off, and some instances of quitting.
  	Selected Answer:  False Correct Answer:  False

• Question 11

  2 out of 2 points

  	The idea that employees should be provided access to the minimum amount of information for the minimum amount of time necessary for them to perform their duties is known as (the) __________ .
  	Selected Answer:   principle of least privilege Correct Answer:  principle of least privilege

• Question 12

  2 out of 2 points

  	In the Schwartz, Erwin, Weafer, and Briney model, ____ are the real techies, who create and install security solutions.
  	Selected Answer:   builders Correct Answer:  builders

• Question 13

  2 out of 2 points

  	In general, the research seems to suggest that while many organizations believe that the CISO/CSO should function as an independent, executive-level decision maker, infomation security and the ____ department are currently too closely aligned to separate into two departments.
  	Selected Answer:   information technology Correct Answer:  information technology

• Question 14

  1 out of 1 points

  	In many organizations, the staff of information security teams lacks established roles and responsibilities, in part because information security has only recently emerged as a separate discipline.
  	Selected Answer:  True Correct Answer:  True

• Question 15

  1 out of 1 points

  	The security manager position is much more general than that of CISO.
  	Selected Answer:  False Correct Answer:  False