



A quiz with questions and answers related to information security. It covers topics such as the roles of security technicians and managers, security awareness education, and various security certifications like CISSP and CISA. The quiz also addresses concepts like task rotation, background checks, and the principle of least privilege. Useful for students and professionals in the field of information security to test their knowledge and understanding of key concepts and practices. It provides a concise overview of essential topics in information security management and technology.
Typology: Exams




____ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization's security technology is properly implemented.
correct answer: Security technicians

____ is the requirement that every employee be able to perform the work of another employee.
correct answer: task rotation

________ departures include resignation, retirement, promotion, or relocation.
correct answer: Friendly

"Builders" in the field of information security provide day-to-day systems monitoring and use to support an organization's goals and objectives.
correct answer: False

A background check must always be conducted to determine the level of trust the business can place in a candidate for an information security position.
correct answer: True

An organization should integrate security awareness education into a new hire's ongoing job orientation and make it a part of every employee's on-the-job security training.
correct answer: True

Because the goals and objectives of CIOs and CISOs tend to contradict each other, InformationWeek recommends: "The people who do and the people who watch shouldn't report to a ____________________ manager."
correct answer: Common

CompTIA offers a vendor-specific certification program called the Security+ certification.
correct answer: False

Existing information security-related certifications are typically well understood by those responsible for hiring in the organizations.
correct answer: False

GIAC stands for Global Information Architecture Certification.
correct answer: False (assurance)

In most cases, organizations look for a technically qualified information security generalist who has a solid understanding of how an organization operates.
correct answer: True

ISACA offers the CGEIT as well as the CISA and ________ certifications.
correct answer: CISM

ISACA touts the CISA certification as being appropriate for accounting, networking, and security professionals.
correct answer: False

ISSMP stands for Information Systems Security Monitoring Professional. _________________________
correct answer: False

The CISSP certification requires both the successful completion of the examination and an ____ by a qualified third party, typically another similarly certified professional, the candidate's employer, or a licensed, certified, or commissioned professional.
correct answer: endorsement

The International Society of Forensic Computer Examiners (ISFCE) offers two levels of certification: the Certified Computer Examiner (CCE) and the Master Certified Computer Examiner (MCCE)
correct answer: True

The International Society of Forensic Computer Examiners (ISFCE) offers which certification?
correct answer: Certified Computer Examiner (CCE)

The model commonly used by large organizations places the information security department within the __________ department.
correct answer: information security

The most common credential for a CISO-level position is the Security+ certification.
correct answer: False

The process of ensuring that no unnecessary access to data exists and that employees are able to perform only the minimum operations necessary on a set of data is referred to as the principle of
correct answer: Least privilege

When new employees are introduced into the organization's culture and workflow, they should receive an extensive information security briefing as part of their employee _____.
correct answer: orientation

Which of the following is not one of the categories of positions defined by Schwartz, Erwin, Weafer, and Briney?
correct answer: User