PREVIOUS QUESTION & ANSWER

Q :
A :

 QUESTION 1

1.      ________________ state(s) the justification of why the policy exists. This includes the legal or regulatory justification for the policy, which might be drafted in response to information security threats.

 

Policy exclusions

 

Policy definitions

 

Policy rationale

 

Policy history

10 points   

QUESTION 2

1.      _________________ planning is day-to-day planning that focuses on the normal operations of an organization.

 

Strategic

 

Tactical

 

Operational

 

Security

10 points   

QUESTION 3

1.      What kind of policy would contain a No Retaliation element?

 

acceptable use

 

anti-harassment

 

intellectual property

 

authentication

10 points   

QUESTION 4

1.      Of the following information security assurance documents, which is the most flexible?

 

policy

 

standard

 

guideline

 

procedure

10 points   

QUESTION 5

1.      ______________________ created a comprehensive standard to help any organization create an information security governance program.

 

The Federal Trade Commission

 

The Government Accountability Office (GOA)

 

The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC)

 

National Institute of Standards and Technology (NIST)

10 points   

QUESTION 6

1.      Data destruction policies do not include which of the following?

 

identification of data ready for destruction

 

proper destruction methods for different kinds of data or storage media

 

consequences for improper destruction

 

how long the data should be retained

10 points   

QUESTION 7

1.      A formal ______________ is executive management’s high-level statement of information security direction and goals.

 

standard

 

policy

 

guidelines

 

procedures

10 points   

QUESTION 8

1.      Data __________________ policies state how data is controlled throughout its life cycle.

 

retention

 

privacy

 

detention

 

use

10 points   

QUESTION 9

1.      A board of directors uses _____________ to set forth its information security plans.

 

policies

 

financial statements

 

standards

 

goals

10 points   

QUESTION 10

1.      What type of standard states a minimum level of behavior or actions that must be met to comply with a policy?

 

baseline

 

minimal

 

safeguard

 

procedural

 


Related Questions & Answer

Get Your Solution Free




Get Your Solution Paid




DEMO