SECURITY AND PERSONNEL Flashcards
1
Q
The general management community of interest must work with the information security professionals to integrate solid information security concepts into the personnel management practices of the organization.
A
T
2
Q
The information security function cannot be placed within protective services.
A
F
3
Q
In many organizations, information security teams lack established roles and responsibilities.
A
T
4
Q
In most cases, organizations look for a technically qualified information security generalist who has a solid understanding of how an organization operates.
A
T
5
Q
The use of standard job descriptions can increase the degree of professionalism in the information security field.
A
T
6
Q
Builders operate and administrate the security tools and the security monitoring function and continuously improve the processes, performing all the day-to-day work.
A
F
7
Q
Security managers are accountable for the day-to-day operation of the information security program.
A
T
8
Q
The security manager position is much more general than that of CISO.
A
F
9
Q
The position of security technician can be offered as an entry-level position.
A
T
10
Q
All of the existing certifications are fully understood by hiring organizations.
A
F
11
Q
ISSEP was developed under a joint agreement between the FBI and the United States National Security Agency, Information Assurance Directorate.
A
F
12
Q
Each CISSP concentration exam consists of 25 to 50 questions.
A
F
13
Q
The SSCP covers ten domains.
A
F
14
Q
The SCNA track focuses on firewalls and intrusion detection.
A
F
15
Q
Information security should be visible to the users.
A
F
16
Q
The process of integrating information security perspectives into the hiring process begins with reviewing and updating all job descriptions.
A
T
17
Q
The organization should integrate the security awareness education into a new hire's ongoing job orientation and make it a part of every employee's on-the-job security training.
A
T
18
Q
In the business world, background checks determine the individual's level of security classification, a requirement for many positions.
A
F
19
Q
To maintain a secure facility, all contract employees should be escorted from room to room, as well as into and out of the facility.
A
T
20
Q
Organizations are not required by law to protect employee information that is sensitive or personal.
A
F
21
Q
The model used often by large organizations places the information security department within the ____ department.
a. management
b. information technology
c. financial
d. production
A
b. information technology
22
Q
The information security function can be placed within the ____.
a. insurance and risk management function
b. administrative services function
c. legal department
d. All of the above
A
d. All of the above
23
Q
____ are often involved in national security and cyber-security tasks and move from those environments into the more business-oriented world of information security.
a. Marketing managers
b. Military personnel
c. Business analysts
d. Lawyers
A
b. Military personnel
24
Q
Many information security professionals enter the field from traditional ____ assignments.
a. HR
b. BA
c. IT
d. All of the above
A
c. IT
25
Q
A study of information security positions, done by Schwartz, Erwin, Weafer, and Briney, found that positions can be classified into one of ____ areas.
a. two
b. three
c. four
d. five
A
b. three
26
Q
____ are the real techies who create and install security solutions.
a. Builders
b. Administrators
c. Senior managers
d. Definers
A
a. Builders
27
Q
The ____ position is typically considered the top information security officer in the organization.
a. CISO
b. CFO
c. CTO
d. CEO
A
a. CISO
28
Q
____ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization's security technology is properly implemented.
a. CSOs
b. CISOs
c. Security managers
d. Security technicians
A
d. Security technicians
29
Q
The breadth and depth covered in each of the domains makes the ____ one of the most difficult-to-attain certifications on the market.
a. NSA
b. CISO
c. CISSP
d. ISEP
A
c. CISSP
30
Q
In recent years, the ____ certification program has added a set of concentration exams.
a. ISSEP
b. ISSMP
c. ISSAP
d. CISSP
A
d. CISSP
31
Q
The ____ examination is designed to provide CISSPs with a mechanism to demonstrate competence in the more in-depth and concentrated requirements of information security management.
a. ISSMP
b. ISSAP
c. CISSPM
d. CISSMP
A
a. ISSMP
32
Q
____ was designed to recognize mastery of an international standard for information security and a common body of knowledge (sometimes called the CBK).
a. CISSP
b. ISSMP
c. SSCP
d. All of the above
A
a. CISSP
33
Q
The SSCP exam consists of ____ multiple-choice questions, and must be completed within three hours.
a. 75
b. 100
c. 125
d. 225
A
c. 125
34
Q
System Administration, Networking, and Security Organization is better known as ____.
a. SANO
b. SAN
c. SANS
d. SANSO
A
c. SANS
35
Q
The applicant for the CISM must provide evidence of ____ years of professional work experience in the field of information security, with a waiver or substitution of up to two years for education or previous certification.
a. five
b. eight
c. ten
d. twelve
A
a. five
36
Q
The ____ program focuses more on building trusted networks, including biometrics and PKI.
a. NFC
b. SCNP
c. PKI
d. SCNA
A
d. SCNA
37
Q
Many organizations use a(n) ____ interview to remind the employee of contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee's tenure in the organization.
a. hostile
b. departure
c. exit
d. termination
A
c. exit
38
Q
____ are hired by the organization to serve in a temporary position or to supplement the existing workforce.
a. Temporary employees
b. Consultants
c. Contractors
d. Self-employed workers
A
a. Temporary employees
39
Q
____ is a cornerstone in the protection of information assets and in the prevention of financial loss.
a. Fire protection
b. Business separation
c. Separation of duties
d. Collusion
A
c. Separation of duties
40
Q
____ is the requirement that every employee be able to perform the work of another employee.
a. Two-man control
b. Collusion
c. Duty exchange
d. Task rotation
A
d. Task rotation