Info Syst Sec Planning & Audit




1. (TCO 1) Which of the following is LEAST likely to lead to employees accepting and following policy? (Points: 4)
   - Introduce policies through training programs.
   - Make policy compliance part of job descriptions.
   - Consistently enforce policies.
   - Seek input from the organization when developing policies.

2. (TCO 2) Which of the following is NOT a threat to data confidentiality? (Points: 4)
   - Hackers
   - Encryption
   - Improper access controls
   - Social engineering

3. (TCO 1) Which of the following is MOST likely to reflect the policy audience for a corporate ethics policy at Acme Manufacturing? (Points: 4)
   - All Acme Manufacturing employees and all vendors and service providers
   - All full- and part-time employees of Acme Manufacturing and its subsidiaries
   - The Acme Manufacturing board of directors
   - The finance, human resources, and marketing departments of Acme Manufacturing

4. (TCO 2) Which of the following is true of procedures? (Points: 4)
   - Procedures focus on sequential actions or steps, which are the instructions needed to carry out a policy statement.
   - Procedures must be changed every 30 days.
   - Procedures are a prerequisite to developing a policy; they must exist before you can write a policy.
   - Procedures are suggestions for the best way to accomplish a certain task.

5. (TCO 1) Which is the best way to foster acceptance of a new policy? (Points: 4)
   - Involve people in policy development by conducting interviews.
   - Give everyone a copy of the policy after it is written.
   - Ensure it is detailed enough that everyone will understand it.
   - Hold meetings to explain it.

6. (TCO 2) Which of the following is NOT an example of social engineering? (Points: 4)
   - Calling an employee on the phone and impersonating an IT consultant to learn passwords
   - Running a password-cracking utility against a web server
   - Dressing up as a UPS employee and gaining access to sensitive areas of a business
   - Posing as a potential customer in a bank and gaining access to a computer terminal by pretending to need to send an e-mail

7. (TCO 1) Leadership by setting the example, or "do as I do," is considered (Points: 4)
   - ineffective in a high-tech company.
   - the same as "management by walking around."
   - something that should only be employed when information security policies are new.
   - the most effective leadership style, especially in relation to information security.

8. (TCO 2) Match the following terms to their meanings. (Points: 4)
   Potential matches:
   1: List of actions that employees are not allowed to perform while using company-provided equipment
   2: Any event that impacts culture, procedures, and activities within an organization
   3: Introduction to the policy document
   4: Policy about a policy
   Terms:
   - Change driver
   - Acceptable use agreement
   - Statement of authority
   - Security policy document policy

9. (TCO 1) Which of the following best describes how the penalties defined in the Policy Enforcement Clause should relate to the infractions? (Points: 4)
   - Any infraction should result in suspension or termination.
   - The same penalty should apply each time an infraction occurs.
   - The penalty should be proportional to the level of risk incurred as a result of the infraction.
   - Penalties should be at the discretion of management.

10. (TCO 2) Data integrity is (Points: 4)
   - protecting the data from intentional or accidental disclosure.
   - making sure the data are always available when legitimately needed.
   - protecting the data from intentional or accidental modification.
   - making sure the data are always transmitted in encrypted format.

11. (TCO 1) Which is the best goal for a new policy? (Points: 4)
   - Accurately reflect the current technology environment.
   - Comply with applicable government policy.
   - Secure and protect assets from foreseeable harm and provide flexibility for the unforeseen.
   - Approved by management, and understood by everyone.

12. (TCO 2) Which of the following federal regulations pertains to the medical field? (Points: 4)
   - FERPA
   - GLBA
   - HIPAA
   - SOX

13. (TCO 1) The setup instructions that come in the box when you buy a new printer are an example of which of the following? (Points: 4)
   - Standards
   - Procedures
   - Guidelines
   - Policies

14. (TCO 2) Guaranteed 99.999% uptime is an example of (Points: 4)
   - data integrity.
   - data authentication.
   - data confidentiality.
   - data availability.

15. (TCO 1) Which of the following is a good way to help ensure that your company's information security policies represent best practices? (Points: 4)
   - Base them on current industry standards for practices and technology.
   - Provide little or no opportunity for policy exceptions to be granted.
   - Copy key parts of similar policies you find on the Internet.
   - Keep the suggested guidelines to a minimum, and focus on mandatory standards.