FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 5: Planning for Security

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 31

Multiple Choice

Review LaterAdd Note

Review Later

Security ____ are the areas of trust within which users can freely communicate.

A) perimeters
B) domains
C) rectangles
D) layers

Correct Answer

verified

Show Answer

Question 32

Multiple Choice

Review LaterAdd Note

Review Later

The Security Area Working Group acts as an advisory board for the protocols and areas developed and promoted by the Internet Society and the ____.

A) IETF
B) ISO/IEC
C) ISOC
D) IRTF

Correct Answer

verified

Show Answer

Question 33

Multiple Choice

Review LaterAdd Note

A ____ site provides only rudimentary services and facilities.

An alert ____ is a document containing contact information for the people to be notified in the event of an incident.

A(n)____________________ is a plan or course of action that conveys instructions from an organization's senior management to those who make decisions,take actions,and perform other duties.

A policy should state that if employees violate a company policy or any law using company technologies,the company will protect them,and the company is liable for the employee's actions.

A managerial guidance SysSP document is created by the IT experts in a company to guide management in the implementation and configuration of technology.

A buffer against outside attacks is frequently referred to as a(n) ____.

Redundancy can be implemented at a number of points throughout the security architecture,such as in ____.

Evidence is the physical object or documented information that proves an action occurred or identifies the intent of a perpetrator._________________________

NIST Special Publication 800-18 Rev.1,The Guide for Developing Security Plans for Federal Information Systems,includes templates for major application security plans.

Laws are more detailed statements of what must be done to comply with policy._________________________

Informational controls guide the development of education,training,and awareness programs for users,administrators,and management.

SP 800-18 Rev.1,The Guide for Developing Security Plans for Federal Information Systems,must be customized to fit the particular needs of a(n)organization._________________________

What is the purpose of security education,training,and awareness (SETA)?

The global information security community has universally agreed with the justification for the code of practices as identified in the ISO/IEC 17799.

Some policies may need a(n)____________________ indicating their expiration date.

A(n)contingency plan is prepared by the organization to anticipate,react to,and recover from events that threaten the security of information and information assets in the organization,and,subsequently,to restore the organization to normal modes of business operations._________________________

The policy champion and manager is called the policy ____________________.

The gateway router can be used as the front-line defense against attacks,as it can be configured to allow only set types of protocols to enter.