Chapter 1
True/False
Indicate whether the statement is true or false.
____ 1. Information technology is the sole responsibility of a small, dedicated group of people in a company.
____ 2. The C.I.A. triangle is an important element of the NSTISSC model of information security.
____ 3. The NSTISSC security model includes detailed guidelines and policies that direct the implementation of controls.
____ 4. The confidentiality of information is breached when unauthorized individuals or systems are able to access the information.
____ 5. Corruption of information can occur only while information is being stored.
____ 6. Only a deliberate attack, such as a virus, can result in the corruption of a file.
____ 7. The authorization process takes place before the authentication process.
____ 8. Decisiveness is proceeding in the face of adversity.
____ 9. A manager has many roles to play including informational, interpersonal, and decisional.
____ 10. A manager is responsible for coordinating the completion of tasks.
____ 11. All managers are expected to play a leadership role.
____ 12. Recent research has shown that autocratic leaders are more efficient than democratic leaders.
____ 13. Both autocratic and democratic leaders tend to be action-oriented.
____ 14. Tactical planning focuses on the day-to-day operation of local resources.
____ 15. An issue-specific security policy (ISSP) is a set of rules that defines acceptable behavior within a particular technology.
Multiple Choice
Identify the choice that best completes the statement or answers the question.
____ 16. The ____ community allocates resources to the other communities of interest.
a. information security
b. information technology
c. general business
d. general public
____ 17. Physical security is concerned with the protection of the ____.
a. people within the organization
b. physical assets of the organization
c. network devices of the organization
d. data of the organization
____ 18. Communications security involves the protection of an organization’s ____.
a. employees
b. physical assets
c. technology
d. data network devices
____ 19. ____ security addresses the ability to use the network to accomplish the organization’s data communication functions.
a. Communications
b. Network
c. Operations
d. Physical
____ 20. During the transmission of information, algorithms, hash values, and error-correcting codes help ensure the ____ of the information.
a. confidentiality
b. integrity
c. corruption
d. availability
____ 21. An information system possesses the characteristic of ____ when it is able to recognize individual users.
a. authentication
b. identification
c. authorization
d. accountability
____ 22. The use of cryptographic certificates to establish Secure Sockets Layer (SSL) connections is an example of the ____ process.
a. accountability
b. authorization
c. identification
d. authentication
____ 23. The activation and use of access control lists is an example of the ____ process.
a. identification
b. accountability
c. authorization
d. authentication
____ 24. The characteristic of ____ exists when a control provides assurance that every activity undertaken can be attributed to a named person or automated process.
a. accountability
b. privacy
c. authorization
d. authentication
____ 25. Audit logs that track user activity on an information system provide ____.
a. identification
b. authorization
c. accountability
d. authentication
____ 26. A manager has informational, interpersonal, and ____ roles within the organization.
a. decisional
b. creative
c. security related
d. leadership
____ 27. Autocratic leaders usually ____.
a. seek input from all interested parties
b. request ideas and suggestions
c. do not accept alternative viewpoints
d. sit back and allow the process to develop as it goes
____ 28. The principle of management dedicated to the structuring of resources to support the accomplishment of objectives is called ____.
a. organization
b. planning
c. controlling
d. leading
____ 29. ____ control tools evaluate the efficiency and effectiveness of business processes.
a. Financial
b. Behavioral
c. Information
d. Operational
____ 30. Which of the following is the first step in the problem-solving process?
a. analyze and compare the possible solutions
b. develop possible solutions
c. recognize and define the problem
d. gather facts and make assumptions
Completion
Complete each statement.
31. The ____________________ community articulates and communicates organizational policy and objectives.
32. ____________________ security encompasses strategies to protect people, assets, and the workplace.
33. ____________________ security encompasses the protection of an organization’s communications media, technology, and content.
34. ____________________ is the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information.
35. File hashing uses a special algorithm that evaluates the bits in a file and then computes a single representative number called a(n) ____________________.
36. The ____________________ process provides assurance that the user has been specifically and explicitly authorized by the proper authority to access, update, or delete the contents of an information asset.
37. ____________________ is the process of achieving objectives using a given set of resources.
38. The job of a(n) ____________________ is to marshal and administer resources, coordinate the completion of tasks, and handle the many roles necessary to complete the desired objectives.
39. The three basic types of leaders are autocratic, laissez-faire, and ____________________.
40. The term ____________________ refers to the end result of a planning process.
Essay
41. Explain what is meant by the confidentiality of information and what measures organizations use to protect the confidentiality of information.
42. Explain the differences between a leader and a manager.
43. List and explain the critical characteristics of information.