Management of Information Security Chapter 1

50 terms by holymoses61


Chapter 1 of Management of Information Security, 3rd ed., Whitman and Mattord

Scope creep

____ occurs when the quantity or quality of project deliverables is expanded from the original project plan.

Failure to meet project deadlines

____ is one of the most frequently cited failures in project management.

Communications

___________________ security encompasses the protection of an organization's communications media, technology, and content.

Information Technology

The ____________________ community supports the business objectives of an organization by supplying and supporting information technology appropriate to the business's needs.

All workers operate at approximately the same level of efficiency

The management of human resources must address many complicating factors; which of the following is NOT among them?

False

Operations are discrete sequences of activities with starting points and defined completion points.

activities

The Gantt chart lists ____ on its vertical axis and provides a simple time line on the horizontal axis.

democratic

The three behavioral types of leaders are autocratic, laissez-faire, and ____________________.

False

Only a deliberate attack, such as a virus, can result in the corruption of a file.

principles

Which of the following is NOT a Principle of Information Security Management?

authentication

An information system possesses the characteristic of ____ when it is able to recognize individual users.

Availability

The CNSS Security model known as the McCumber cube examines the confidentiality, integrity and ____________________ of information whether in storage, processing or transmission.

Programs

____________________ are the operations conducted within InfoSec, which are specifically managed as separate entities.

Operational

The three levels of planning are strategic planning, tactical planning, and ____________________ planning.

Employees benefit from the formal training required for the method

Which of the following is NOT an advantage of the PERT method?

Integrity

____ is the quality or state of being whole, complete, and uncorrupted.

Confidentiality

____ of information ensures that only those with sufficient privileges and a demonstrated need may access certain information.

False

An information system that is able to recognize the identity of individual users is said to provide authentication.

True

1) Policy, 2) awareness, training and education, and 3) technology are concepts vital for the protection of information.

True

Popular management theory categorizes the principles of management into planning, organizing, leading and controlling.

installation of a new firewall system

Which of the following is a project, not a managed process?

availability

According to the C.I.A. triangle, the three desirable characteristics of information are confidentiality, integrity, and ____.

policy

Which of the following Principles of Information Security Management seeks to dictate certain behavior within the organization through a set of organizational guidance?

decisional

A manager has informational, interpersonal, and ____ roles within the organization.

True

The two network scheduling techniques, the Critical Path Method and PERT, are similar in design.

availability

The ____ of information refers to the ability to access information without interference or obstruction and in a useable format.

False

The three desirable characteristics of information on which the C.I.A. triangle is founded are confidentiality, integrity, and authorization.

True

A project can have more than one critical path.

True

The integrity of information is threatened when it is exposed to corruption, damage, or destruction.

accountability

Audit logs that track user activity on an information system provide ____.

Recognize and define the problem

Which of the following is the first step in the problem-solving process?

data network devices

Communications security involves the protection of an organization's ____.

Build support among management for the candidate solution

Which of the following is NOT a step in the problem-solving process?

True

Leadership generally addresses the direction and motivation of the human resource.

Management

____________________ is the process of achieving objectives using a given set of resources.

goal

The term ____________________ refers to the end result of a planning process.

False

The characteristic of information that enables a user to access it without interference or obstruction and in a useable format is confidentiality.

Quality

If the project deliverables meet the requirements specified in the project plan, the project has met its ____________________ objective.

False

The authorization process takes place before the authentication process.

True

The C.I.A. triangle is an important element of the CNSS model of information security.

False

The CNSS security model includes detailed guidelines and policies that direct the implementation of controls.

authorization

The activation and use of access control lists is an example of the ____ process.

Information Security

____________________ is the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information.

False

When you review technological feasibility, you address the organization's financial ability to purchase the technology needed to implement a candidate solution.

False

Another popular project management tool is the bar or McCumber chart, named for its developer, who created this method in the early 1900s.

information security

The protection of information and the systems and hardware that use, store, and transmit that information is known as ____.

Network

____ security addresses the ability to use the network to accomplish the organization's data communication functions.

False

Information security can be both a process and a project because it is in fact a continuous series of projects.

accountability

The characteristic of ____ exists when a control provides assurance that every activity undertaken can be attributed to a named person or automated process.

False

Policies are InfoSec operations that are specifically managed as separate entities.
