CPSC 4581 MIDTERM EXAM QUESTIONS AND ANSWERS
• Question 1
5 out of 5 points
Corruption of information can occur only while information is being
stored.
Selected Fals
Answer: e
Answers: True
Fals
e
• Question 2
5 out of 5 points
Project scope management ensures that the project plan includes only
those activities that are necessary to complete it.
Selected Tru
Answer: e
Answers: Tru
e
False
• Question 3
5 out of 5 points
A clearly directed strategy flows from top to bottom rather than from
bottom to top.
Selected Tru
Answer: e
Answers: Tru
e
False
• Question 4
5 out of 5 points
A top-down approach to information security usually begins with a
systems administrator’s attempt to improve the security of their
systems.
Selected Fals
Answer: e
Answers: True
Fals
e
• Question 5
5 out of 5 points
Policies must specify penalties for unacceptable behavior and define
an appeals process.
Selected Tru
Answer: e
, Answers: Tru
e
False
• Question 6
5 out of 5 points
Small organizations spend more per user on security than medium-
and large-sized organizations.
Selected Tru
Answer: e
Answers: Tru
e
False
• Question 7
5 out of 5 points
A security blueprint is the outline of the more thorough security framework.
Selected Fals
Answer: e
Answers: True
Fals
e
• Question 8
5 out of 5 points
Separation of duties is the principle by which members of the
organization can access the minimum amount of information for the
minimum amount of time necessary to perform their required duties.
Selected Fals
Answer: e
Answers: True
Fals
e
• Question 9
5 out of 5 points
Lattice-based access control specifies the level of access each subject
has to each object, if any.
Selected Tru
Answer: e
Answers: Tru
e
False
• Question 10
5 out of 5 points
Using a practice called benchmarking, you are able to develop an
acceptable use policy based on the typical practices of the industry in
which you are working.
, Selected Fals
Answer: e
Answers: True
Fals
e
• Question 11
5 out of 5 points
A company deemed to be using ‘best security practices’ establishes
high-quality security in every area of their security program.
Selected Fals
Answer: e
Answers: True
Fals
e
• Question 12
5 out of 5 points
One question you should ask when choosing among recommended
practices is “Can your organization afford to implement the
recommended practice?”
Selected Tru
Answer: e
Answers: Tru
e
False
• Question 13
5 out of 5 points
Attaining certification in security management is a long and difficult
process, but once attained, an organization remains certified for the
life of the organization.
Selected Fals
Answer: e
Answers: True
Fals
e
• Question 14
5 out of 5 points
Communications security involves the protection of which of the
following?.
Selected a.
Answer: media, technology, and
content
Answers: a.
media, technology, and
content
• Question 1
5 out of 5 points
Corruption of information can occur only while information is being
stored.
Selected Fals
Answer: e
Answers: True
Fals
e
• Question 2
5 out of 5 points
Project scope management ensures that the project plan includes only
those activities that are necessary to complete it.
Selected Tru
Answer: e
Answers: Tru
e
False
• Question 3
5 out of 5 points
A clearly directed strategy flows from top to bottom rather than from
bottom to top.
Selected Tru
Answer: e
Answers: Tru
e
False
• Question 4
5 out of 5 points
A top-down approach to information security usually begins with a
systems administrator’s attempt to improve the security of their
systems.
Selected Fals
Answer: e
Answers: True
Fals
e
• Question 5
5 out of 5 points
Policies must specify penalties for unacceptable behavior and define
an appeals process.
Selected Tru
Answer: e
, Answers: Tru
e
False
• Question 6
5 out of 5 points
Small organizations spend more per user on security than medium-
and large-sized organizations.
Selected Tru
Answer: e
Answers: Tru
e
False
• Question 7
5 out of 5 points
A security blueprint is the outline of the more thorough security framework.
Selected Fals
Answer: e
Answers: True
Fals
e
• Question 8
5 out of 5 points
Separation of duties is the principle by which members of the
organization can access the minimum amount of information for the
minimum amount of time necessary to perform their required duties.
Selected Fals
Answer: e
Answers: True
Fals
e
• Question 9
5 out of 5 points
Lattice-based access control specifies the level of access each subject
has to each object, if any.
Selected Tru
Answer: e
Answers: Tru
e
False
• Question 10
5 out of 5 points
Using a practice called benchmarking, you are able to develop an
acceptable use policy based on the typical practices of the industry in
which you are working.
, Selected Fals
Answer: e
Answers: True
Fals
e
• Question 11
5 out of 5 points
A company deemed to be using ‘best security practices’ establishes
high-quality security in every area of their security program.
Selected Fals
Answer: e
Answers: True
Fals
e
• Question 12
5 out of 5 points
One question you should ask when choosing among recommended
practices is “Can your organization afford to implement the
recommended practice?”
Selected Tru
Answer: e
Answers: Tru
e
False
• Question 13
5 out of 5 points
Attaining certification in security management is a long and difficult
process, but once attained, an organization remains certified for the
life of the organization.
Selected Fals
Answer: e
Answers: True
Fals
e
• Question 14
5 out of 5 points
Communications security involves the protection of which of the
following?.
Selected a.
Answer: media, technology, and
content
Answers: a.
media, technology, and
content