Management of Information Security Chapter 1
Chapter 1 of Management of Information Security, 3rd ed., Whitman and Mattord
____ occurs when the quantity or quality of project deliverables is expanded from the original project plan.
Failure to meet project deadlines
____ is one of the most frequently cited failures in project management.
___________________ security encompasses the protection of an organization's communications media, technology, and content.
The ____________________ community supports the business objectives of an organization by supplying and supporting information technology appropriate to the business's needs.
All workers operate at approximately the same level of efficiency
The management of human resources must address many complicating factors; which of the following is NOT among them?
Operations are discrete sequences of activities with starting points and defined completion points.
The Gantt chart lists ____ on its vertical axis and provides a simple time line on the horizontal axis.
The three behavioral types of leaders are autocratic, laissez-faire, and ____________________.
Only a deliberate attack, such as a virus, can result in the corruption of a file.
Which of the following is NOT a Principle of Information Security Management?
An information system possesses the characteristic of ____ when it is able to recognize individual users.
The CNSS Security model known as the McCumber cube examines the confidentiality, integrity and ____________________ of information whether in storage, processing or transmission.
____________________ are the operations conducted within InfoSec, which are specifically managed as separate entities.
The three levels of planning are strategic planning, tactical planning, and ____________________ planning.
Employees benefit from the formal training required for the method
Which of the following is NOT an advantage of the PERT method?
____ is the quality or state of being whole, complete, and uncorrupted.
____ of information ensures that only those with sufficient privileges and a demonstrated need may access certain information.
An information system that is able to recognize the identity of individual users is said to provide authentication.
1) Policy, 2) awareness, training and education, and 3) technology are concepts vital for the protection of information.
Popular management theory categorizes the principles of management into planning, organizing, leading and controlling.
installation of a new firewall system
Which of the following is a project, not a managed process?
According to the C.I.A. triangle, the three desirable characteristics of information are confidentiality, integrity, and ____.
Which of the following Principles of Information Security Management seeks to dictate certain behavior within the organization through a set of organizational guidance?
A manager has informational, interpersonal, and ____ roles within the organization.
The two network scheduling techniques, the Critical Path Method and PERT, are similar in design.
The ____ of information refers to the ability to access information without interference or obstruction and in a useable format.
The three desirable characteristics of information on which the C.I.A. triangle is founded are confidentiality, integrity, and authorization.
A project can have more than one critical path.
The integrity of information is threatened when it is exposed to corruption, damage, or destruction.
Audit logs that track user activity on an information system provide ____.
Recognize and define the problem
Which of the following is the first step in the problem-solving process?
data network devices
Communications security involves the protection of an organization's ____.
Build support among management for the candidate solution
Which of the following is NOT a step in the problem-solving process?
Leadership generally addresses the direction and motivation of the human resource.
____________________ is the process of achieving objectives using a given set of resources.
The term ____________________ refers to the end result of a planning process.
The characteristic of information that enables a user to access it without interference or obstruction and in a useable format is confidentiality.
If the project deliverables meet the requirements specified in the project plan, the project has met its ____________________ objective.
The authorization process takes place before the authentication process.
The C.I.A. triangle is an important element of the CNSS model of information security.
The CNSS security model includes detailed guidelines and policies that direct the implementation of controls.
The activation and use of access control lists is an example of the ____ process.
____________________ is the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information.
When you review technological feasibility, you address the organization's financial ability to purchase the technology needed to implement a candidate solution.
Another popular project management tool is the bar or McCumber chart, named for its developer, who created this method in the early 1900s.
The protection of information and the systems and hardware that use, store, and transmit that information is known as ____.
____ security addresses the ability to use the network to accomplish the organization's data communication functions.
Information security can be both a process and a project because it is in fact a continuous series of projects.
The characteristic of ____ exists when a control provides assurance that every activity undertaken can be attributed to a named person or automated process.
Policies are InfoSec operations that are specifically managed as separate entities.