Answer Key

APPENDIX A

CHAPTER 1 Information Systems Security Policy Management

1. C 2. Standards 3. A 4. D and E 5. Procedure 6. D 7. C 8. Human 9. E 10. B 11. E

CHAPTER 2 Business Drivers for Information Security Policies

1. C 2. A 3. A 4. Preventive 5. C 6. B 7. D 8. A 9. D 10. D 11. A 12. B 13. B 14. D 15. D

CHAPTER 3 Compliance Laws and Information Security Policy Requirements

1. B 2. E 3. E 4. D 5. Cyberterrorism or cyberwarfare 6. B 7. CIPA 8. B 9. B 10. B 11. D 12. D

CHAPTER 4 Business Challenges Within the Seven Domains of IT Responsibility

1. B 2. A 3. C 4. C 5. LAN-to-WAN domain 6. A 7. Segmented network 8. A 9. B 10. B 11. D 12. B 13. C 14. B 15. C 16. Concentrators 17. C 18. IDs and passwords

CHAPTER 5 Information Security Policy Implementation Issues

1. E 2. B 3. Be in the background; precisely what is asked of them 4. The cost of business 5. B 6. A 7. C 8. A 9. A 10. B 11. Security policy 12. A 13. D 14. A 15. C 16. C

CHAPTER 6 IT Security Policy Frameworks

1. F 2. A 3. A, B, and C 4. A 5. Policies 6. B 7. C 8. Dormant accounts 9. Confidentiality, integrity, availability, authorization, and nonrepudiation 10. B 11. G 12. B 13. B

CHAPTER 7 How to Design, Organize, Implement, and Maintain IT Security Policies

1. A 2. D 3. A 4. D 5. C 6. B 7. B 8. C 9. Answers may include devices and processes used to control physical access; examples include fences, security guards, locked doors, motion detectors, and alarms 10. Lessons learned 11. Policy 12. Defense in depth 13. A 14. B 15. A and D

CHAPTER 8 IT Security Policy Framework Approaches

1. A 2. C 3. D 4. E 5. A 6. B 7. B 8. B 9. B 10. Priorities or specialties 11. A 12. Expensive or burdensome 13. Social engineering 14. B

CHAPTER 9 User Domain Policies

1. B 2. Firecall-ID 3. A 4. Auditor 5. B 6. B 7. Insider 8. B 9. B 10. Escalate 11. D 12. Service 13. B

CHAPTER 10 IT Infrastructure Security Policies

1. D 2. B 3. D 4. A 5. D 6. E 7. B 8. B 9. Enterprise data management 10. Cohesive, coherent 11. A 12. B 13. B 14. B

CHAPTER 11 Data Classification and Handling Policies and Risk Management Policies

1. C 2. B 3. E 4. E 5. A 6. B 7. Confidential 8. B 9. C 10. B 11. B 12. Risk exposure = Likelihood the event will occur × Impact if the event occurs 13. C 14. B

CHAPTER 12 Incident Response Team (IRT) Policies

1. B 2. C 3. D 4. D 5. Severity 6. B 7. Incident is declared 8. A 9. B 10. D 11. B 12. D 13. Public relations 14. B 15. A 16. B

CHAPTER 13 IT Security Policy Implementations

1. D 2. A 3. C 4. B 5. B 6. D 7. D 8. A 9. B 10. D 11. B 12. Motivations or needs 13. B 14. B 15. A

CHAPTER 14 IT Security Policy Enforcement

1. B 2. Executive management 3. B 4. C 5. E 6. Security policies 7. B 8. B 9. D 10. B 11. A 12. E 13. B 14. D 15. Before, after 16. Appetite, tolerance

CHAPTER 15 IT Policy Compliance and Compliance Technologies

1. Baseline 2. B 3. B 4. Vulnerability window or security gap 5. D 6. A 7. D 8. A 9. B 10. A 11. C 12. B 13. Likelihood × Impact 14. C 15. A 16. Digital signature 17. B
