Info Sec Chapter 11 Security and Personnel – Flashcards

question
To maintain a secure facility, all contract employees should be escorted from room to room, as well as into and out of the facility. A) True B) False
answer
true
question
The SSCP examination is much more rigorous than the CISSP examination. A) True B) False
answer
false [other way around]
question
CompTIA offers a vendor-specific certification program called the Security+ certification. A) True B) False
answer
false [vendor-neutral]
question
The CISSP concentrations are available for CISSPs to demonstrate knowledge that is already a part of the CISSP CBK. A) True B) False
answer
true
question
A mandatory furlough provides the organization with the ability to audit the work of an individual. _________________________ A) True B) False
answer
false [mandatory vacation]
question
The most common credential for a CISO-level position is the Security+ certification. _________________________ A) True B) False
answer
false
question
Which of the following is not one of the categories of positions as defined by Schwartz, Erwin, Weafer, and Briney? A) definer B) user C) builder D) administrator
answer
B) user
question
The ISSEP allows CISSP certificate holders to demonstrate expert knowledge of all of these except __________. A) Systems security engineering B) Technical management C) International laws D) Certification and accreditation/risk management framework
answer
C) international laws
question
ISSMP stands for Information Systems Security Monitoring Professional. _________________________ A) True B) False
answer
false [Information System Security Management Professional]
question
Many who move to business-oriented information security were formerly __________ who were often involved in national security or cybersecurity. A) marketing managers B) military personnel C) business analysts D) lawyers
answer
B) military personnel
question
Security managers accomplish objectives identified by the CISO and resolve issues identified by technicians. _________________________ A) True B) False
answer
true
question
Many enter the field of information security from technical professionals such as __________ who find themselves working on information security applications and processes more often than traditional IT assignments. A) networking experts or systems administrators B) database administrators C) programmers D) All of the above
answer
D) all of the above
question
__________ is a cornerstone in the protection of information assets and in the prevention of financial loss. A) Fire suppression B) Business separation C) Separation of duties D) Collusion
answer
C) separation of duties
question
The International Society of Forensic Computer Examiners (ISFCE) offers which certifications? A) Certified Computer Examiner (CCE) B) Master Certified Computer Examiner (MCCE) C) both a & b D) neither a nor b
answer
C) both a & b
question
Like the CISSP, the SSCP certification is more applicable to the security __________ than to the security __________. A) technician, manager B) manager, engineer C) manager, technician D) technician, executive
answer
C) manager, technician
question
The ISSMP examination is designed to provide CISSPs with a mechanism to demonstrate competence in __________. A) Enterprise security management practices B) Security management practices C) Business continuity planning and disaster recovery planning D) All of the above
answer
D) All of the above
question
The process of integrating information security perspectives into the hiring process begins with reviewing and updating all job descriptions. A) True B) False
answer
true
question
A background check must always be conducted to determine the level of trust the business can place in a candidate for an information security position. A) True B) False
answer
false
question
Many organizations use a(n) __________ interview to remind the employee of contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee's tenure in the organization. A) hostile B) departure C) exit D) termination
answer
C) exit
question
The information security function can be placed within the __________. A) insurance and risk management function B) administrative services function C) legal department D) All of the above
answer
D) all of the above