Question 1

An organization's information security program refers to theentire set of activities,resources,personnel,and technologies used by an organization to manage the risks to the information _______ of the organization.

Accepted Answer

The answer of An organization's information security program refers to...

Question 2

List the steps of the seven-step methodology for implementing training.

Accepted Answer

The seven-step methodology for implement...

Question 3

Which function needed to implement the information security program includes researching,creating,maintaining,and promoting information security plans?

Accepted Answer

A)   compliance
B)   policy
C)   planning
D)   systems security administrationE) C) and D)
F) B) and D)

Question 4

The purpose of SETA is to enhance security in all but which of the following ways?

Accepted Answer

A)   by building in-depth knowledge
B)   by adding barriers
C)   by developing skills
D)   by improving awarenessE) A) and B)
F) C) and D)

Question 5

Which of the following is a disadvantage of the one-on-one training method?

Accepted Answer

A)   Inflexible
B)   May not be responsive to the needs of all the trainees
C)   Content may not be customized to the needs of the organization
D)   Resource intensive, to the point of being inefficientE) A) and B)
F) A) and C)

Question 6

In the early stages of planning,the project planner should attempt to specify completion dates only for major employees within the project._________________________

Accepted Answer

A) True 
 B)False

Question 7

Small organizations spend more per user on security than medium- and large-sized organizations.

Accepted Answer

A) True 
 B)False

Question 8

Advanced technical training can be selected or developed based on which of the following?

Accepted Answer

A)   level of previous education
B)   level of previous training
C)   technology product
D)   number of employeesE) A) and C)
F) C) and D)

Question 9

Which of the following variables is the most influential in determining how to structure an information security program?

Accepted Answer

A)   Security capital budget
B)   Organizational size
C)   Security personnel budget
D)   Organizational cultureE) None of the above
F) C) and D)

Question 10

Which of the following is true about the security staffing,budget,and needs of a medium-sized organization?

Accepted Answer

A)   they have a larger security staff than a small organization
B)   they have a larger security budget (as percent of IT budget)  than a small organization
C)   they have a smaller security budget (as percent of IT budget)  than a large organization
D)   they have larger information security needs than a small organizationE) None of the above
F) A) and B)

Question 11

Project ____________________is adescription of a project's features,capabilities,functions,and quality level,used as the basis of a project plan.

Accepted Answer

The answer of Project ____________________is adescription of a project's features,capabilities,functions,and...

Question 12

Which of the following is NOT a step in the process of implementing training?

Accepted Answer

A)   administer the program
B)   hire expert consultants
C)   motivate management and employees
D)   identify target audiencesE) B) and D)
F) A) and C)

Question 13

Which of the following is NOT among the functions typically performed within the InfoSec department as a compliance enforcement obligation?

Accepted Answer

A)   policy
B)   centralized authentication
C)   compliance/audit
D)   risk managementE) None of the above
F) B) and D)

Question 14

GGG security is commonly used to describe which aspect of security?

Accepted Answer

A)   technical
B)   software
C)   physical
D)   theoreticalE) A) and B)
F) A) and C)

Question 15

What is the purpose of a security awareness program?What advantage does an awareness program have for the InfoSec program?

Accepted Answer

A security awareness program keeps InfoS...

Exam 5: Developing the Security Program

The purpose of SETA is to enhance security in all but which of the following ways?

Correct Answer
verified

GGG security is commonly used to describe which aspect of security?

Correct Answer
verified

An organization's information security program refers to theentire set of activities,resources,personnel,and technologies used by an organization to manage the risks to the information _______ of the organization.

Correct Answer
verified

Small organizations spend more per user on security than medium- and large-sized organizations.

Correct Answer
verified

In the early stages of planning,the project planner should attempt to specify completion dates only for major employees within the project._________________________

Correct Answer
verified

List the steps of the seven-step methodology for implementing training.

Correct Answer
verified
The seven-step methodology for implement...
View Answer

Which function needed to implement the information security program includes researching,creating,maintaining,and promoting information security plans?

Correct Answer
verified

Which of the following is true about the security staffing,budget,and needs of a medium-sized organization?

Correct Answer
verified

Advanced technical training can be selected or developed based on which of the following?

Correct Answer
verified

Which of the following is a disadvantage of the one-on-one training method?

Correct Answer
verified

Project ____________________is adescription of a project's features,capabilities,functions,and quality level,used as the basis of a project plan.

Correct Answer
verified

Which of the following is NOT among the functions typically performed within the InfoSec department as a compliance enforcement obligation?

Correct Answer
verified

What is the purpose of a security awareness program?What advantage does an awareness program have for the InfoSec program?

Correct Answer
verified
A security awareness program keeps InfoS...
View Answer

Which of the following variables is the most influential in determining how to structure an information security program?

Correct Answer
verified

Which of the following is NOT a step in the process of implementing training?

Correct Answer
verified

Exam 5: Developing the Security Program

The purpose of SETA is to enhance security in all but which of the following ways?

Correct AnswerverifiedShow Answer

GGG security is commonly used to describe which aspect of security?

Correct AnswerverifiedShow Answer

An organization's information security program refers to theentire set of activities,resources,personnel,and technologies used by an organization to manage the risks to the information _______ of the organization.

Correct AnswerverifiedShow Answer

Small organizations spend more per user on security than medium- and large-sized organizations.

Correct AnswerverifiedShow Answer

In the early stages of planning,the project planner should attempt to specify completion dates only for major employees within the project._________________________

Correct AnswerverifiedShow Answer

List the steps of the seven-step methodology for implementing training.

Correct AnswerverifiedThe seven-step methodology for implement...View AnswerShow Answer

Which function needed to implement the information security program includes researching,creating,maintaining,and promoting information security plans?

Correct AnswerverifiedShow Answer

Which of the following is true about the security staffing,budget,and needs of a medium-sized organization?

Correct AnswerverifiedShow Answer

Advanced technical training can be selected or developed based on which of the following?

Correct AnswerverifiedShow Answer

Which of the following is a disadvantage of the one-on-one training method?

Correct AnswerverifiedShow Answer

Project ____________________is adescription of a project's features,capabilities,functions,and quality level,used as the basis of a project plan.

Correct AnswerverifiedShow Answer

Which of the following is NOT among the functions typically performed within the InfoSec department as a compliance enforcement obligation?

Correct AnswerverifiedShow Answer

What is the purpose of a security awareness program?What advantage does an awareness program have for the InfoSec program?

Correct AnswerverifiedA security awareness program keeps InfoS...View AnswerShow Answer

Which of the following variables is the most influential in determining how to structure an information security program?

Correct AnswerverifiedShow Answer

Which of the following is NOT a step in the process of implementing training?

Correct AnswerverifiedShow Answer

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified
The seven-step methodology for implement...
View Answer

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified
A security awareness program keeps InfoS...
View Answer

Correct Answer
verified

Correct Answer
verified