Create
Learn
Share

Infosec final 10

rename
somumexa's version from 2016-11-18 22:19

Section

Question Answer
The ____ involves collecting information about an organization’s objectives, its technical architecture, and its information security environment.SecSDLC
During the implementation phase, the organization translates its blueprint for information security into a concrete project ____________________.plan
Project ____________________ describes the amount of time and effort-hours needed to deliver the planned features and quality level of the project deliverables.scope
The task of creating a project plan is often assigned to either a project manager or the project ______leader
In the early stages of planning, the project planner should attempt to specify completion dates only for ________________ within the project.major employees
Planners need to _________ required to complete each task, subtask, or action step.estimate the effort
Planners need to _____________ required for the completion of each task, subtask, or action item.estimate the capital expenses
Planners need to _________________ for the completion of each task, subtask, or action item.estimate the noncapital expenses
Planners should note wherever possible the _______________________ or action steps on the task or action step at hand.dependencies of other tasks
If the task is to write firewall specifications for the preparation of a(n) ____, the planner would note that the deliverable is a specification document suitable for distribution to vendors.RFP
A(n) ____________________ is a specific point in the project plan when a task that has a noticeable impact on the progress of the project plan is complete.milestone
The tasks or action steps that come before the specific task at hand are called ____________________.predecessors
Tasks or action steps that come after the task at hand are called ____.successors
typically prepared in the analysis phase of the SecSDLC, must be reviewed and verified prior to the development of the project plan.cost benefitanalysis (CBA)
Public organizations often have “____” to spend all their remaining funds before the end of the fiscal year.end-of-fiscal-year spend-a-thons
In the ____ process, measured results are compared to expected results.negative feedback loop
During the implementation phase, the organization translates its blueprint for information security into a concrete project ____________________.plan
Some cases of ____ are simple, such as requiring employees to use a new password beginning on an announced date.direct changeover
A ____ is usually the best approach to security project implementation.Phased implementation
In a ____ implementation, the entire security system is put in place in a single office, department, or division, and issues that arise are dealt with before expanding to the rest of the organization.pilot
The ____________________ operations strategy involves running the new methods alongside the old methods.parallel
The ____ methodology has been used by many organizations, requires that issues be addressed from the general to the specific, and that the focus be on systematic solutions instead of individual problems.Bull’s Eye
Technology ____________________ is a complex process that organizations use to manage the affects and costs of technology implementation, innovation, and obsolescence.governance
Medium- and large-sized organizations deal with the impact of technical change on the operation of the organization through a(n) ____________________ control process.change
By managing the ____, the organization can reduce unintended consequences by having a process to resolve potential conflict and disruption that uncoordinated change can introduce.process of change
Project managers can reduce resistance to change by involving employees in the project plan. In systems development, this is referred to as ____.JAD
Lewin Change ModelUnfreezing, Moving, Refreezing
___________________ in the Lewin change model involves thawing hard-and-fast habits and established procedures.Unfreezing
JAD stands for ____________________ application development.joint
memorize