Prelim - security policy Flashcards

1
Q

What are the key characteristics of an effective Information Security Policy?

A

Cover end-to-end security processes

Be enforceable and practical

Regularly updated to address business needs and threats

Align with business goals

2
Q

Explain the hierarchy of security documentation.

A

Policies (e.g., Access Control, Personal Security, Physical Security)

Standards (e.g., Encryption Standard, Information Disposal, Baseline Standards)

Procedures – Technical Controls (e.g., Incident Response, Employee Termination, IT System Settings)

3
Q

Policies

A

The purpose: to reduce risk and protect information

4
Q

Standards

A

The how: how the policy will be implemented, who is responsible, and who will be affected

5
Q

Procedures – Technical Controls

A

Step-by-step instructions that people will follow

6
Q

What is the 3-2-1 backup rule?

A

3 copies of data

2 different storage media

1 copy stored off-site

7
Q

Name the three principles of information security (CIA Triad).

A

Confidentiality (accessible only to authorized parties)

Integrity (data remains complete and unaltered)

Availability (data is accessible when needed)

8
Q

What are the two primary ISO information security standards?

A

ISO 27001

ISO 27002

9
Q

List four types of information security.

A

Application Security

Network Security

Cloud Security

Cryptography

10
Q

What are the key elements of an Information Security Policy?

A

Purpose, Audience, Objectives

Access Control, Data Classification

Security Training, Employee Responsibilities

Encryption, Backup Policies, Compliance References

11
Q

What is the purpose of security standards?

A

To provide detailed guidance for implementing policies organization-wide.

12
Q

Name three benefits of a strong security culture.

A

Reduced risk of breaches

Increased employee compliance

Proactive reporting of security concerns

13
Q

What are the 7 dimensions of security culture?

A

Attitudes

Behaviors

Cognition

Communication

Compliance

Norms

Responsibilities

14
Q

Why do companies need to meet information security standards?

A

Prevent cyberattacks

Avoid legal fines

Enhance reputation

Increase risk awareness

15
Q

What are the benefits of a strong Security Culture?

A
  • Increased compliance with protective measures
  • Reduced risk of security incidents
  • Employees identify and report concerns
  • Greater sense of security among employees
  • Enhanced security without large expenditure
16
Q

What defines Security Culture?

A

Ideas, customs, and social behaviors of a group that influence its security