
Test 2

Page 1 of 5

Submitted by Cotto, William on 9/8/2013 6:35:01 PM
Points Awarded: 95.00
Points Missed: 5.00
Percentage: 95.0%

http://gwinnetttech.angellearning.com/Section/Assessment/Question/GradeDelivery.aspx?...

12/6/2013

1. The first phase of the security systems development life cycle (SecSDLC) is the ____ phase.
A) analysis
B) investigation
C) logical design
D) physical design
Points Earned: 5.0/5.0
Correct Answer(s): B

2. An SDLC-based project may be started by an event-driven or a ____ impetus.
A) plan-driven
B) process-driven
C) sequence-driven
D) personnel-driven
Points Earned: 5.0/5.0
Correct Answer(s): A

3. A clearly directed strategy flows from top to bottom.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): True

4. The primary role of the chief information officer is to oversee overall corporate security posture for which he/she is accountable to the board.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): False

5. Tactical planning is also referred to as ____.
A) strategic planning
B) project planning
C) organizational planning
D) operational planning
Points Earned: 5.0/5.0
Correct Answer(s): B

6. Budgeting, resource allocation, and manpower are critical components of the ____ plan.
A) strategic
B) operational
C) organizational
D) tactical
Points Earned: 5.0/5.0
Correct Answer(s): D

7. The information security governance framework generally includes a comprehensive security strategy explicitly linked with business and IT risks.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): False

8. The information security governance framework generally consists of which of the following?
A) Security policies that address each aspect of strategy, control, and regulation
B) A security strategy that talks about the value of information technologies protected
C) Institutionalized monitoring processes to ensure compliance and provide feedback on effectiveness and mitigation of risk
D) All of these are components of the information security governance framework
Points Earned: 0.0/5.0
Correct Answer(s): B

9. Information security governance includes all of the accountabilities and methods undertaken by the board of directors and executive management to provide strategic direction, verification that risk management practices are appropriate, and validation that the organization's assets are used properly.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): True

10. Which of the following is an information security governance responsibility of the organization's employees?
A) Communicate policies and the program
B) Set security policy, procedures, programs and training for the organization
C) Brief the board, customers and the public
D) Implement policy, report security vulnerabilities and breaches
Points Earned: 5.0/5.0
Correct Answer(s): D

11. The primary goal of internal monitoring is to maintain an informed awareness of the state of all of the organization's networks, information systems, and information security defenses.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): True

12. The ____ statement contains a formal set of organizational principles, standards, and qualities.
A) vision
B) mission
C) values
D) business
Points Earned: 5.0/5.0
Correct Answer(s): C

13. The long-term direction taken by the organization is based on ____ planning.
A) strategic
B) tactical
C) operational
D) managerial
Points Earned: 5.0/5.0
Correct Answer(s): A

14. Boards of Directors for Information Security Governance should follow essential practices including identifying information security leaders, holding them accountable and ensuring support for them.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): True

15. Which of the following is true about mission statements?
A) They should be ambitious
B) They express what the organization is
C) They express the aspirations of the organization
D) They are not meant to be probable
Points Earned: 5.0/5.0
Correct Answer(s): B

16. A(n) ____ is a category of objects, persons or other entities that represent a constant threat to an asset.
A) threat
B) vulnerability
C) risk
D) exploit
Points Earned: 5.0/5.0
Correct Answer(s): A

17. A vision statement is meant to be a factual depiction of the current state of the organization.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): False

18. At the end of each phase of the security systems development life cycle (SecSDLC), a ____ takes place.
A) brainstorming session
B) structured discussion
C) structured review
D) planning session
Points Earned: 5.0/5.0
Correct Answer(s): C

19. In a(n) methodology, a problem is solved based on a structured sequence of procedures.
A) True
B) False
Points Earned: 5.0/5.0
Correct Answer(s): True

20. The ____ phase of the security systems development life cycle (SecSDLC) assesses the organization's readiness, its current systems status, and its capability to implement and then support the proposed systems.
A) physical design
B) implementation
C) investigation
D) analysis
Points Earned: 5.0/5.0
Correct Answer(s): D
