ITS 221 ch4-6

Exit

Question 1 of 1

  Time Left


0 [{"id":395613,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:17:50","updated_at":"2018-03-01 08:11:11","questionName":"A security ________ is an outline of the overall information security strategy for the organization and a roadmap for planned changes to the information security environment of the organization.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":15,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395633,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:23:07","updated_at":"2018-03-01 08:11:11","questionName":"A security clearance is a component of a data classification scheme that assigns a status level to systems to designate the maximum level of classified data that may be stored on it.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":29,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395628,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:22:24","updated_at":"2018-03-01 08:11:11","questionName":"You should adopt naming standards that do not convey information to potential system attackers.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":26,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395625,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:21:39","updated_at":"2018-03-01 08:11:11","questionName":"In addition to their other responsibilities, the three communities of interest are responsible for determining which control options are cost effective for the organization.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":24,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395614,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:18:33","updated_at":"2018-03-01 08:11:11","questionName":"The stated purpose of ISO\/IEC 27002 is to offer guidelines and voluntary directions for information security __________.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":16,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395620,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:20:36","updated_at":"2018-03-01 08:11:11","questionName":"The upper management of an organization must structure the IT and information security functions to defend the organization's information assets.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":20,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395631,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:22:50","updated_at":"2018-03-01 08:11:11","questionName":"A data classification scheme is a formal access control methodology used to assign a level of availability to an information asset and thus restrict the number of people who can access it.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":28,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395622,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:21:02","updated_at":"2018-03-01 08:11:11","questionName":"According to Sun Tzu, if you know your self and know your enemy you have an average chance to be successful in an engagement.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":22,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395619,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:20:10","updated_at":"2018-03-01 08:11:11","questionName":"According to NIST SP 800-14's security principles, security should ________.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":19,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395615,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:19:12","updated_at":"2018-03-01 08:11:11","questionName":"When BS 7799 first came out, several countries, including the United States, Germany, and Japan, refused to adopt it, claiming that it had fundamental problems. Which of the following is NOT one of those problems?","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":17,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395617,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:19:38","updated_at":"2018-03-01 08:11:11","questionName":"SP 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, provides best practices and security principles that can direct the security team in the development of a security ________.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":18,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395624,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:21:15","updated_at":"2018-03-01 08:11:11","questionName":"Know yourself means identifying, examining, and understanding the threats facing the organization.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":23,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395627,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:21:53","updated_at":"2018-03-01 08:11:11","questionName":"Identifying human resources, documentation, and data information assets of an organization is less difficult than identifying hardware and software assets.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":25,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395621,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:20:48","updated_at":"2018-03-01 08:11:11","questionName":"Risk control is the application of mechanisms to reduce the potential for loss or change to an organization's information assets.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":21,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":395630,"quiz_id":"20043","answer_id":null,"answerType_id":"0","created_at":"2018-02-28 20:22:39","updated_at":"2018-03-01 08:11:11","questionName":"Within a data classification scheme, comprehensive means that an information asset should fit in only one category.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":27,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null}]
395613
0
120
block

A security ________ is an outline of the overall information security strategy for the organization and a roadmap for planned changes to the information security environment of the organization.

Select the correct answer(s).  

(0/0)












395633
0
120
none
395628
0
120
none
395625
0
120
none
395614
0
120
none
395620
0
120
none
395631
0
120
none
395622
0
120
none
395619
0
120
none
395615
0
120
none
395617
0
120
none
395624
0
120
none
395627
0
120
none
395621
0
120
none
395630
0
120
none