Chapter 1 Practice Test

8 September 2022
72 test answers

question
Which of the following is NOT a unique function of Information Security Management?
answer
principles
question
The use of cryptographic certificates to establish Secure Sockets Layer (SSL) connections is an example of which process?
answer
authentication
question
It is possible to take a very complex operation and diagram it in PERT if you can answer three key questions about each activity. Which of the following is NOT one of them?
answer
What other activities require the same resources as this activity?
question
The first step in solving problems is to gather facts and make assumptions.
answer
F
question
Which function of InfoSec Management encompasses security personnel as well as aspects of the SETA program?
answer
people
question
Which of the following is a C.I.A. characteristic that ensures that only those with sufficient privileges and a demonstrated need may access certain information?
answer
Confidentiality
question
Information security project managers often follow methodologies based on what methodology promoted by the Project Management Institute?
answer
Project Management Body of Knowledge (PMBoK)
question
What do audit logs that track user activity on an information system provide?
answer
accountability
question
Which of the following is the first step in the problem-solving process?
answer
Recognize and define the problem
question
Corruption of information can occur only while information is being stored.
answer
False
question
In the WBS approach, the project plan is first broken down into tasks placed on the WBS task list. The minimum attributes that should be identified for each task include all but which of the following?
answer
The number of people and other resources needed for each task
question
Which of the following is the process that develops, creates, and implements strategies for the accomplishment of objectives?
answer
planning
question
Which of the following is the principle of management dedicated to the structuring of resources to support the accomplishment of objectives?
answer
organization
question
The authorization process takes place before the authentication process.
answer
F
question
Which of the following was originally developed in the late 1950s to meet the need of the rapidly expanding engineering projects associated with government acquisitions such as weapons systems?
answer
PERT
question
What is one of the most frequently cited failures in project management?
answer
Failure to meet project deadlines
question
Communications security involves the protection of which of the following?
answer
media, technology, and content
question
Which of the following is NOT a step in the problem-solving process?
answer
Build support among management for the candidate solution
question
Which of the following is NOT a knowledge area in the Project Management knowledge body?
answer
Technology
question
Using the Program Evaluation and Review Technique, which of the following identifies the sequence of events or activities that requires the longest duration to complete, and that therefore cannot be delayed without delaying the entire project?
answer
critical path
question
Which of the following functions of Information Security Management seeks to dictate certain behavior within the organization through a set of organizational guidelines?
answer
policy
question
The management of human resources must address many complicating factors; which of the following is NOT among them?
answer
All workers operate at approximately the same level of efficiency
question
A project can have more than one critical path.
answer
T
question
Which type of planning is used to organize the ongoing, day-to-day performance of tasks?
answer
Operational
question
The primary goal of external monitoring is to maintain an informed awareness of the state of all of the organization's networks, information systems, and information security defenses.
answer
F
question
____________________ resources include people, hardware, and the supporting system elements and resources associated with the management of information in all its states.
answer
Physical
question
According to the Corporate Governance Task Force (CGTF), which phase in the IDEAL model and framework lays the groundwork for a successful improvement effort?
answer
Initiating
question
The National Association of Corporate Directors (NACD) recommends four essential practices for boards of directors. Which of the following is NOT one of these recommended practices?
answer
Hold regular meetings with the CIO to discuss tactical InfoSec planning
question
In which level of planning are budgeting, resource allocation, and manpower critical components?
answer
tactical
question
Which of the following should be included in an InfoSec governance program?
answer
An InfoSec risk management methodology
question
A top-down approach to information security usually begins with a systems administrator's attempt to improve the security of their systems.
answer
F
question
Which type of attack involves sending a large number of connection or information requests to a target?
answer
denial-of-service (DoS)
question
Penetration testing is often conducted by contractors, who are commonly referred to as black-hats.
answer
F
question
What is the first phase of the SecSDLC?
answer
investigation
question
Because it sets out general business intentions, a mission statement does not need to be concise.
answer
F
question
Which type of planning is the primary tool in determining the long-term direction taken by an organization?
answer
strategic
question
____________________ overflow is an application error that occurs when the system can't handle the amount of data that is sent.
answer
buffer
question
Which of the following is a feature left behind by system designers or maintenance staff that allows quick access to a system at a later time by bypassing access controls?
answer
back door
question
Which of the following set the direction and scope of the security process and provide detailed instruction for its conduct?
answer
managerial controls
question
Which of the following is a key advantage of the bottom-up approach to security implementation?
answer
utilizes the technical expertise of the individual administrators
question
Which of the following explicitly declares the business of the organization and its intended areas of operations?
answer
mission statement
question
The ____________________ phase is the last phase of the SecSDLC, but perhaps the most important.
answer
maintenance and change
question
In ____________________ testing, security personnel simulate or perform specific and controlled attacks to compromise or disrupt their own systems by exploiting documented vulnerabilities.
answer
penetration testing
question
In which model in the SecSDLC do the work products of each phase fall into the next phase to serve as its starting point?
answer
waterfall
question
Which of the following is true about planning?
answer
Strategic plans are used to create tactical plans
question
Which of the following has the main goal of restoring normal modes of operation with minimal cost and disruption to normal business activities after an event?
answer
contingency planning
question
A(n) ____________________ is a document containing contact information of the individuals to notify in the event of an actual incident.
answer
alert roster
question
A(n) ____________________ plan is a detailed set of processes and procedures that anticipate, detect, and mitigate the effects of an unexpected event that might compromise information resources and assets.
answer
incident response
question
When dealing with an incident, the incident response team must conduct a(n) ____________________, which entails a detailed examination of the events that occurred from first detection to final recovery.
answer
after action review
question
When a disaster renders the current business location unusable, which plan is put into action?
answer
business continuity
question
In which contingency plan strategy do individuals work on their own tasks and take responsibility for identifying the faults in their own procedures?
answer
simulation
question
The bulk batch-transfer of data to an off-site facility is known as ____________________.
answer
electronic vaulting
question
In ____________________ testing of contingency plans, the individuals follow each and every procedure, including the interruption of service, restoration of data from backups, and notification of appropriate individuals.
answer
full-interruption
question
In which contingency plan strategy do individuals act as if an actual incident occurred, and begin performing their required tasks and executing the necessary procedures, without interfering with the normal operations of the business?
answer
parallel testing
question
What is the last stage of the business impact analysis?
answer
prioritize resources associated with the business processes
question
In which type of site are no computer hardware or peripherals provided?
answer
cold site
question
In the event of an incident or disaster, which team sets up and starts off-site operations?
answer
business continuity
question
In most organizations, the COO is responsible for creating the IR plan.
answer
F
question
Which of the following is a tool that can be useful in resolving the issue of what business function is the most critical?
answer
weighted analysis tool
question
After an incident, but before returning to its normal duties, the CSIRT must do which of the following?
answer
conduct an after-action review
question
Which of the following is a responsibility of the crisis management team?
answer
Activating the alert roster
question
A(n) ____________________ is an agency that provides, in the case of DR/BC planning, physical facilities for a fee.
answer
full-interruption
question
If operations at the primary site cannot be quickly restored, the ____________________ occurs concurrently with the DR plan, enabling the business to continue at an alternate site.
answer
BCP / BC plan / business continuity plan
question
Which of the following is true about a hot site?
answer
It duplicates computing resources, peripherals, phone systems, applications, and workstations.
question
A(n) ____________________ is an agency that provides, in the case of DR/BC planning, physical facilities for a fee.
answer
service bureau
question
In a warm site, all services and communications links are fully configured and the site can be fully functional within minutes.
answer
F
question
When an incident takes place, the disaster recovery (DR) plan is invoked before the incident response (IR) plan.
answer
F
question
Which of the following is usually conducted via leased lines or secure Internet connections whereby the receiving server archives the data as it is received?
answer
Electronic vaulting
question
Which of the following is the process of examining a possible incident and determining whether it constitutes an actual incident?
answer
Incident classification
question
Training should be as specialized as possible; personnel who are responsible for one duty should not be trained on other duties to avoid confusion during a disaster.
answer
F