Infosec final 11

xamufado's version from 2015-12-16 02:01


Question Answer
The most common qualification for this type of position is the Certified Information Systems Security Professional (CISSP) accreditation
Many information security professionals enter the field from traditional ____ assignments. IT
IT function, as a peer of other subfunctions such as networks, applications development, and the help desk
Physical security function, as a peer of physical security or protective services
Administrative services function, as a peer of human resources or purchasing
The general management __________________ must work with the information security professionals to integrate solid information security concepts into the personnel management practices of the of interest
________________ should learn more about the budgetary needs of the information security function and the positions within it. Upper management
Both need to grant appropriate levels of influence and prestige
The position of security technician can be offered as an entry-level position.
Entry into Security Profession Ex Military and Law Enforcement most common
the CISO is the major ________ or architect of the information security program. definer
____ are the real techies who create and install security
CISO top security officer typically reports to CSO
CISOs are ____________________ managers
The __________________________________________________ acts as the spokesperson for the information security team. CISO
The __________ is typically considered the top information security officer in the organization. CISO position
Security managers accomplish objectives identified by the CISO and resolve issues identified by technicians. True
Security ____________________ are accountable for the day-to-day operation of the information security program. Managers
____ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization’s security technology is properly implemented. Security Technician
The breadth and depth covered in each of the domains makes the ____ one of the most difficult-to-attain certifications on the market. CISSP
stands for Information Systems Security Engineering Professional. was developed under a joint agreement between (ISC)2 and the United States National Security Agency. ISSEP
stands for Information Systems Security Architecture Professional. ISSAP
System Administration, Networking, and Security Organization is better known as ____. SANS
stands for Global Information Architecture Certification. GIAC
_________________ provides three tracks: the SCNS (Security Certified Network Specialist); the SCNP (Security Certified Network Professional); and the SCNA (Security Certified Network Architect). The SCP certification
SCNP adds firewalls and intrusion detection
Always remember business before technology
Problem solving look at source first
Be heard and not seen
Know more than you say
Speak to others not at them
Your education is never complete
Many organizations use a(n) ____ interview to remind the employee of contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee’s tenure in the organization. exit
____________ departures include termination for cause, permanent downsizing, temporary lay-off, or some instances of quitting. Hostile
____________________ departures include resignation, retirement, promotion, or relocation. Friendly
Separation of ____________________ is used to reduce the chance of an individual violating information security and breaching the confidentiality, integrity, or availability of information. duties
Related to the concept of separation of duties is that of ____________________, the requirement that two individuals review and approve each other’s work before the task is categorized as finished. two-person control
__________________ can greatly increase the chance that an employee’s misuse of the system or abuse of the information will be detected by another. job rotation
____ is the requirement that every employee be able to perform the work of another employee. task rotation
Employees should be provided access to the minimal amount of information for the minimal amount of time necessary for them to perform their duties. This is referred to as the principle of ____________________. least privilege
Personnel data requires same attention as any other important data in the organization.