
Test 2


Submitted by Cotto,William on 9/8/2013 6:35:01 PM
Points Awarded: 95.00
Points Missed: 5.00
Percentage: 95.0%

http://gwinnetttech.angellearning.com/Section/Assessment/Question/GradeDelivery.aspx?...

12/6/2013

1. The first phase of the security systems development life cycle (SecSDLC) is the ____ phase.
A) analysis
B) investigation
C) logical design
D) physical design
Points Earned: 5.0/5.0
Correct Answer(s): B

2. A SDLC-based project may be started by an event-driven or a ____ impetus.
A) plan-driven
B) process-driven
C) sequence-driven
D) personnel-driven
Points Earned: 5.0/5.0
Correct Answer(s): A

3. A clearly directed strategy flows from top to bottom.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): True

4. The primary role of the chief information officer is to oversee overall “corporate security posture” for which he/she is accountable to the board.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): False

5. Tactical planning is also referred to as ____.

A) strategic planning
B) project planning
C) organizational planning
D) operational planning
Points Earned: 5.0/5.0
Correct Answer(s): B

6. The information security governance framework generally includes a comprehensive security strategy explicitly linked with business and IT risks.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): False

7. Budgeting, resource allocation, and manpower are critical components of the ____ plan.
A) strategic
B) operational
C) organizational
D) tactical
Points Earned: 5.0/5.0
Correct Answer(s): D

8. The information security governance framework generally consists of which of the following?
A) Security policies that address each aspect of strategy, control, and regulation
B) A security strategy that talks about the value of information technologies protected
C) Institutionalized monitoring processes to ensure compliance and provide feedback on effectiveness and mitigation of risk
D) All of these are components of the information security governance framework
Points Earned: 0.0/5.0
Correct Answer(s): B

9. Information security governance includes all of the accountabilities and methods undertaken by the board of directors and executive management to provide strategic direction, verification that risk management practices are appropriate, and validation that the organization’s assets are used properly.

A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): True

10. The primary goal of internal monitoring is to maintain an informed awareness of the state of all of the organization’s networks, information systems, and information security defenses.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): True

11. Which of the following is an information security governance responsibility of the organization’s employees?
A) Communicate policies and the program
B) Set security policy, procedures, programs and training for the organization
C) Brief the board, customers and the public
D) Implement policy, report security vulnerabilities and breaches
Points Earned: 5.0/5.0
Correct Answer(s): D

12. The ____ statement contains a formal set of organizational principles, standards, and qualities.
A) vision
B) mission
C) values
D) business
Points Earned: 5.0/5.0
Correct Answer(s): C

13. The long-term direction taken by the organization is based on ____ planning.
A) strategic
B) tactical
C) operational
D) managerial
Points Earned: 5.0/5.0

Correct Answer(s): A

14. Which of the following is true about mission statements?
A) They should be ambitious
B) They express what the organization is
C) They express the aspirations of the organization
D) They are not meant to be probable
Points Earned: 5.0/5.0
Correct Answer(s): B

15. Boards of Directors for Information Security Governance should follow essential practices including identifying information security leaders, holding them accountable and ensuring support for them.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): True

16. A(n) ____ is a category of objects, persons or other entities that represent a constant threat to an asset.
A) threat
B) vulnerability
C) risk
D) exploit
Points Earned: 5.0/5.0
Correct Answer(s): A

17. A vision statement is meant to be a factual depiction of the current state of the organization.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): False

18. At the end of each phase of the security systems development life cycle (SecSDLC), a ____ takes place.

A) brainstorming session
B) structured discussion
C) structured review
D) planning session
Points Earned: 5.0/5.0
Correct Answer(s): C

19. In a(n) methodology, a problem is solved based on a structured sequence of procedures.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): True

20. The ____ phase of the security systems development life cycle (SecSDLC) assesses the organization’s readiness, its current systems status, and its capability to implement and then support the proposed systems.
A) physical design
B) implementation
C) investigation
D) analysis
Points Earned: 5.0/5.0
Correct Answer(s): D