Question 11 / 1 ptsBecause it sets out general business intentions, a mission statement does not need to be concise.TrueCorrect!False Show
Question 21 / 1 ptsA clearly directed strategy flows from top to bottom rather than from bottom to top.Correct! Get answer to your question and much more Question 31 / 1 ptsA maintenance model is intended to focus ongoing maintenance efforts so as to keep systems usable andsecure.Correct! Get answer to your question and much more Question 41 / 1 ptsA top-down approach to information security usually begins with a systemsadministrator’s attempt toimprove the security of systems. Get answer to your question and much more Get answer to your question and much more Question 51 / 1 ptsToday’s InfoSec systems need constant monitoring, testing, modifying, updating, and repairing.Correct!True FalseQuestion 60 / 1 ptsValues statements should be ambitious; after all, they are meant to express the aspirations of anorganization. ____________ Get answer to your question and much more Question 71 / 1 ptsA person or organization that has a vested interest in a particular aspect of the planning or operation of anorganization is a(n) investiture. ____________ Get answer to your question and much more Correct!FalseQuestion 81 / 1 ptsThe ISO 27014:2013 standard promotes five governance processes, which should be adopted by theorganization’s executivemanagement and its consultant. ____________ Get answer to your question and much more Question 91 / 1 ptsEnterprise risk management is a valuable approach that can better align security functions with thebusiness mission while offering opportunities to lower costs. ____________Correct!True FalseQuestion 101 / 1 ptsAccording to the CGTF, the organization should treat InfoSec as an integral part of the system life cycle.____________ Get answer to your question and much more FalseQuestion 111 / 1 ptsWhich of the following explicitly declares the business of the organization and its intended areas ofoperations? Get answer to your question and much more Question 121 / 1 ptsWhich type of planning is the primary tool in determining the long-term direction taken by anorganization? Get answer to your question and much more Question 131 / 1 ptsWhich of the following is true about planning?Correct! Strategic plans are used to create tactical plans.Tactical plans are used to create strategic plans.Operational plans are used to create tactical plans.Operational plans are used to create strategic plans. Question 141 / 1 ptsWhich level of planning breaks down each applicable strategic goal into a series of incrementalobjectives? Get answer to your question and much more Question 151 / 1 ptsWhich type of planning is used to organize the ongoing, day-to-day performance of tasks? Get answer to your question and much more Question 161 / 1 ptsThe basic outcomes of InfoSec governance should include all but which of the following? Get answer to your question and much more Upload your study docs or become a Course Hero member to access this document Upload your study docs or become a Course Hero member to access this document Which of the following is an information security governance responsibility of the chief information security officer?Which of the following is an information security governance responsibility of the chief information security officer ? Set security policy, procedures, programs, and training.
What is the first phase of the SecSDLC?Investigation – The investigation phase of the SecSDLC begins with a directive from upper management specifying the process, outcomes, and goals of the project, as well as its budget and other constraints.
Is a technique used to compromise a system quizlet?A technique used to compromise a system. This term can be a verb or a noun. Threat agents may attempt to exploit a system or other information asset by using it illegally for their personal gain.
Which term describes a subject or objects ability to use manipulate modify or affect another subject or object?Terms in this set (15) access. a subject or object's ability to use, manipulate, modify, or affect another subject or object.
|