FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 11: Security and Personnel

Show Answer

Share

---

All types

Filters

Study Flashcards

Question 41

True/False

Review LaterAdd Note

Review Later

The general management community of interest must work with information security professionals to integrate solid information security concepts into the personnel management practices of the organization.

A) True
B) False

Correct Answer

verified

Show Answer

Question 42

Short Answer

Review LaterAdd Note

Review Later

Related to the concept of separation of duties is that of ____________________, the requirement that two individuals review and approve each other's work before the task is categorized as finished.

Correct Answer

verified

two-person...

View Answer

Show Answer

Question 43

True/False

Review LaterAdd Note

To maintain a secure facility, all contract employees should be escorted from room to room, as well as into and out of the facility.

Job ____________________ can greatly increase the chance that an employee's misuse of the system or abuse of information will be detected by another employee.

The breadth and depth covered in each of the domains makes the __________ one of the most difficult-to-attain certifications on the market.

To assess the effect that changes will have on the organization's personnel management practices, the organization should conduct a ____________________feasibility study before the program is implemented.

In many organizations, information security teams lack established roles and responsibilities.

__________ is the requirement that every employee be able to perform the work of another employee.

The information security function can be placed within the __________.

__________ is a cornerstone in the protection of information assets and in the prevention of financial loss.

"Administrators" provide the policies, guidelines, and standards in the Schwartz, Erwin, Weafer, and Briney classification. _________________________

The model commonly used by large organizations places the information security department within the __________ department.

The most common credential for a CISO-level position is the Security+ certification. _________________________

Though CISOs are business managers first and technologists second, they must be conversant in all areas of information security, including the technical, planning, and ____________________ areas.

Certifications are designed to recognize ____________________ in their respective fields.

The SSCP examination is much more rigorous than the CISSP examination.

The ____________________ of (ISC)² program is geared toward those who want to take the CISSP or SSCP exam before obtaining the requisite experience for certification.

ISSMP stands for Information Systems Security Monitoring Professional. _________________________