Escrito por estudiantes que aprobaron Inmediatamente disponible después del pago Leer en línea o como PDF ¿Documento equivocado? Cámbialo gratis 4,6 TrustPilot
logo-home
Examen

Management of Information Security Midterm Question and answers 100% correct 2025/2026

Puntuación
-
Vendido
-
Páginas
127
Grado
A+
Subido en
10-10-2025
Escrito en
2025/2026

Management of Information Security Midterm Question and answers 100% correct 2025/2026 A statement explicitly declaring the business of the organization and its intended areas of operations is a ____________. - correct answer Mission statement Data Security - correct answer Commonly used as a surrogate for information security, the focus of protecting information in its various states- at rest, in processing, and in transmission Which of the following is NOT a unique function of Information Security Management? - correct answer principles Information security is the protection of the confidentiality, integrity, and availability of information assets, in storage, processing, and transmission via the application of policy, education, training, awareness, and technology. - corr

Mostrar más Leer menos
Institución
Management Of Information Security
Grado
Management of Information Security

Vista previa del contenido

Management of Information Security
Midterm Question and answers 100%
correct 2025/2026
A statement explicitly declaring the business of the organization and its intended areas of operations is a
____________. - correct answer ✔Mission statement



Data Security - correct answer ✔Commonly used as a surrogate for information security, the focus of
protecting information in its various states- at rest, in processing, and in transmission



Which of the following is NOT a unique function of Information Security Management? - correct answer
✔principles



Information security is the protection of the confidentiality, integrity, and availability of information
assets, in storage, processing, and transmission via the application of policy, education, training,
awareness, and technology. - correct answer ✔True



The protection of voice and data components, connections, and content is known as _________
security. - correct answer ✔network



The __________ phase of the SecSDLC, the team studies the documents from earlier and looks at of
relevant legal issues that could affect the design of the security solution. - correct answer ✔Analysis



A potential weakness in an asset or its defensive control system(s) is known as a(n) __________ - correct
answer ✔vulnerability



Rule-based policies are less specific to the operation of a system than access control lists. - correct
answer ✔false

,Policies must specify penalties for unacceptable behavior and define an appeals process. - correct
answer ✔True



Having an established risk management program means that an organization's assets are completely
protected. - correct answer ✔False



A detailed outline of the scope of the policy development project is created during which phase of the
SecSDLC? - correct answer ✔investigation



Which type of device exists to intercept requests for information from external users and provide the
requested information by retrieving it from an internal server? - correct answer ✔proxy server



Which of the following access control processes confirms the identity of the entity seeking access to a
logical or physical area? - correct answer ✔authentication



The IT community often takes on the leadership role in addressing risk. - correct answer ✔False



One of the goals of an issue-specific security policy is to indemnify the organization against liability for
an employee's inappropriate or illegal use of the system. - correct answer ✔True



In the bull's-eye model, the ____________________ layer is the place where threats from public
networks meet the organization's networking infrastructure. - correct answer ✔networks



According to the C.I.A. triad, which of the following is the most desirable characteristic for privacy -
correct answer ✔confidentiality



The __________ phase of the SecSDLC has team members create and develop the blueprint for security
and develop critical contingency plans for incident response. - correct answer ✔Justification

,Which type of attack involves sending a large nyumber of connection or information requests to a
target? - correct answer ✔denial of service (DoS)



A methodology for the design and implementation of an information system that is a formal
development strategy is referred to as a __________. - correct answer ✔Systems Development Life
Cycle(SDLC)



The use of cryptographic certificates to establish Secure Sockets Layer (SSL) connections is an example of
which process? - correct answer ✔authentication



IT - correct answer ✔supports the business objectives of the

organization by supplying and supporting IT

appropriate to the business' needs



Database security - correct answer ✔A subset of information security that focuses on the assessment
and protection of information stored in repositories



MAC addresses are considered a reliable identifier for devices with network interfaces because they are
essentially foolproof. - correct answer ✔False



Which of the following is NOT among the three types of InfoSec policies based on NIST's Special
Publication 800-14 - correct answer ✔user-specific security policy



The "Authorized Uses" section of an ISSP specifies what the identified technology cannot be used for. -
correct answer ✔False



Acts of __________ can lead to unauthorized real or virtual actions that enable information gatherers to
enter premises or systems they have not been authorized to access. - correct answer ✔trespass

, General business - correct answer ✔articulates and communicates

organizational policy and objectives and allocates

resources to the other groups



a hacker who intentionally removes or bypasses software copyright protection designed to prevent
unauthorized duplication or use is known as a - correct answer ✔cracker



The ____ is the individual primarily responsible for the assessment, management, and implementation
of information security in the organization. - correct answer ✔Chief Information Security Officer(CISO)



It is possible to take a very complex operation and diagram it in PERT if you can answer three key
questions about each activity. Which of the following is NOT one of them? - correct answer ✔What
other activities require the same resources as this activity?



Attack - correct answer ✔An ongoing act against an asset that could result in a loss of its value



Which of the following is NOT one of the administrative challenges to the operation of firewalls? -
correct answer ✔replacement



Rule-based policies are less specific to the operation of a system than access control lists. (T/F) - correct
answer ✔false



Access control lists regulate who, what, when, where, and why authorized users can access a system. -
correct answer ✔False



An intentional or unintentional act that can damage or otherwise compromise information and the
systems that support it is known as a(n) __________. - correct answer ✔attack

Escuela, estudio y materia

Institución
Management of Information Security
Grado
Management of Information Security

Información del documento

Subido en
10 de octubre de 2025
Número de páginas
127
Escrito en
2025/2026
Tipo
Examen
Contiene
Preguntas y respuestas

Temas

$25.99
Accede al documento completo:

¿Documento equivocado? Cámbialo gratis Dentro de los 14 días posteriores a la compra y antes de descargarlo, puedes elegir otro documento. Puedes gastar el importe de nuevo.
Escrito por estudiantes que aprobaron
Inmediatamente disponible después del pago
Leer en línea o como PDF

Conoce al vendedor

Seller avatar
Los indicadores de reputación están sujetos a la cantidad de artículos vendidos por una tarifa y las reseñas que ha recibido por esos documentos. Hay tres niveles: Bronce, Plata y Oro. Cuanto mayor reputación, más podrás confiar en la calidad del trabajo del vendedor.
Academia199 Chamberlain College Of Nursing
Seguir Necesitas iniciar sesión para seguir a otros usuarios o asignaturas
Vendido
369
Miembro desde
4 año
Número de seguidores
209
Documentos
19905
Última venta
2 semanas hace

3.9

52 reseñas

5
28
4
7
3
7
2
3
1
7

Recientemente visto por ti

Por qué los estudiantes eligen Stuvia

Creado por compañeros estudiantes, verificado por reseñas

Calidad en la que puedes confiar: escrito por estudiantes que aprobaron y evaluado por otros que han usado estos resúmenes.

¿No estás satisfecho? Elige otro documento

¡No te preocupes! Puedes elegir directamente otro documento que se ajuste mejor a lo que buscas.

Paga como quieras, empieza a estudiar al instante

Sin suscripción, sin compromisos. Paga como estés acostumbrado con tarjeta de crédito y descarga tu documento PDF inmediatamente.

Student with book image

“Comprado, descargado y aprobado. Así de fácil puede ser.”

Alisha Student

Preguntas frecuentes