MIS 6862 Exam 2 questions with complete verified solutions (graded A+)
The (ISC)2 CISSP-ISSEP concentration focuses on the knowledge area
including systems lifecycle management, threat intelligence and incident
management. - True
The former System Administration, Networking, and Security Organization
is now better known as _____. - SANS
Security _____ are accountable for the day-to-day operation of the
information security program. - Manager
Security administrators are accountable to provide day-to-day systems
monitoring to support an organization's goals and objectives. - True
In some organizations, the CISO's position may be combined with physical
security responsibilities or may even report to a security manager who is
responsible for both logical (information) security and physical security
and such a position is generally referred to as a _____. - CSO
ISSEP stands for Information Systems Security Experienced Professional. -
False
The CISSP certification requires both the successful completion of the
examination and a(n) _____ by a qualified third party, typically another
similarly certified professional, the candidate's employer, or a licensed,
certified, or commissioned professional. - Endorsements
The (ISC)2 _____ certification program has added a number of
concentrations that can demonstrate advanced knowledge beyond the
basic certification's common body of knowledge. - CISSP
CompTIA offers a vendor-specific certification program called the
Security+ certification. - False
_____ departures include resignation, retirement, promotion, or relocation.
- Friendly
_____ is a cornerstone in the protection of information assets and in the
prevention of financial loss. - Separation of duties
The CISA credential is promoted by ISACA as the certification that is
appropriate for all but which type of professionals? - Accounting
_____________ are contracted workers hired for a specific one-time purpose,
commonly to provide expertise the organization does not have internally. -
Consultants
The ISSEP concentration allows CISSP certificate holders to demonstrate
expert knowledge of all of the following except _____. - International laws
Because the goals and objectives of _____ and CISOs tend to contradict
each other, InformationWeek recommends: "The people who do and the
people who watch shouldn't report to a common manager." - CIOs
Many who enter the field of information security are technical
professionals such as _____ who find themselves working on information
security applications and processes more often than traditional IT
assignments. - All the answers are correct
The latest forecasts for information security-related positions expect _____
openings than in many previous years. - More
ISSMP stands for Information Systems Security Monitoring Professional -
False
The most common credential for a CISO-level position is the Security+
certification. - False
The Associate of (ISC)2 program is geared toward those who want to take
the CISSP or SSCP exam before obtaining the requisite _____ for
certification. - Experience
Related to the concept of separation of duties is that of _____, the
requirement that two individuals review and approve each other's work
before the task is categorized as finished. - Two-person control
The most common credential for a CISO-level position is the Security+
certification. - False
What functions does the CISO perform? - ?
ISACA promotes the CISA certification as being appropriate for accounting,
networking, and security professionals - False
Existing information security-related certifications are typically well
understood by those responsible for hiring in organizations - False
Separation of _____ is used to reduce the chance of an individual violating
information security and breaching the confidentiality, integrity, or
availability of information - Duties
Security _____ are accountable for the day-to-day operation of the
information security program - Managers
The position of security analyst can be an entry-level position - True
To assess the effect that changes will have on the organization's personnel
management practices, the organization should conduct a behavioral
feasibility study before the program is _____. - Implemented
The Cybersecurity Analyst+ certification from _____ is an intermediate
certification with both knowledge-based and performance-based
assessment. - CompTIA
The process of ensuring that no unnecessary access to data exists and
that employees are able to perform only the minimum operations
necessary on a set of data is referred to as the principle of _____. - Least
privilege
Many who move to business-oriented information security were
formerly _____ who were often involved in national security or cybersecurity
- Military Personnel
In many cases, organizations look for a technically qualified information
security generalist who has a solid understanding of how an organization
operates. - True
Once a candidate has accepted a job offer, the employment _____ becomes
an important security instrument. - Contract
The former System Administration, Networking, and Security Organization
is now better known as _____. - SANS
Security administrators provide day-to-day systems monitoring to support
an organization's goals and objectives. - True
The _____ is the title most commonly associated with the top information
security officer in the organization. - CISO
Mandatory training provides the organization with the ability to audit the
work of an individual. - False
In many organizations, information security teams lack established _____
and responsibilities - False