Management of Information Security Notes Chapter 1-- Introduction

Study online at https://quizlet.com/_22tzrq

____ occurs when the quantity or quality

of project deliverables is expanded from Scope creep
the original project plan
____ is one of the most frequently cited
Failure to meet project deadlines
failures in project management.
___________________ security en-
compasses the protection of an orga-
Communications
nization's communications media, tech-
nology, and content.
The ____________________ communi-
ty supports the business objectives of an
organization by supplying and support- formation Technology
ing information technology appropriate
to the businesss' needs.
The management of human resources
must address many complicating fac- All workers operate at approximately the
tors; which of the following is NOT same level of efficiency
among them?
Operations are discrete sequences of
activities with starting points and defined False
completion points.
The Gantt chart lists ____ on its vertical
axis and provides a simple time line on activities
the horizontal axis.
The three behavioral types of lead-
ers are autocratic, laissez-faire, and democratic
____________________.
Only a deliberate attack, such as a virus,
False
can result in the corruption of a file.
Which of the following is NOT a Principle
principles
of Information Security Management?
An information system possesses the
characteristic of ____ when it is able to authentication
recognize individual users.

1/5
 Management of Information Security Notes Chapter 1-- Introduction
Study online at https://quizlet.com/_22tzrq
The CNSS Security model known
as the McCumber cube exam-
ines the confidentiality, integrity and
Availability
____________________ of information
whether in storage, processing or trans-
mission.
____________________ are the oper-
ations conducted within InfoSec, which
Programs
are specifically managed as separate
entities.
The three levels of planning are strate-
gic planning, tactical planning, and Operational
____________________ planning.
Which of the following is NOT an advan- Employees benefit from the formal train-
tage of the PERT method? ing required for the method
____ is the quality or state of being
Integrity
whole, complete, and uncorrupted.
____ of information ensures that only
those with sufficient privileges and a
Confidentiality
demonstrated need may access certain
information.
An information system that is able to
recognize the identity of individual users False
is said to provide authentication
1) Policy, 2) awareness, training and ed-
ucation, and 3) technology are concepts True
vital for the protection of information.
Popular management theory catego-
rizes the principles of management into
True
planning, organizing, leading and con-
trolling
Which of the following is a project not a
installation of a new firewall system
managed process?
availability

2/5
 Management of Information Security Notes Chapter 1-- Introduction
Study online at https://quizlet.com/_22tzrq
According to the C.I.A. triangle, the three
desirable characteristics of information
are confidentiality, integrity, and ____
Which of the following Principles of Infor-
mation Security Management seeks to
dictate certain behavior within the orga- policy
nization through a set of organizational
guidance?
A manager has informational, interper-
sonal, and ____ roles within the organi- decisional
zation.
The two network scheduling techniques,
the Critical Path Method and PERT, are True
similar in design.
The ____ of information refers to the
ability to access information without in-
availability
terference or obstruction and in a use-
able format.
The three desirable characteristics of in-
formation on which the C.I.A. triangle is
False
founded are confidentiality, integrity, and
authorization.
A project can have more than one critical
True
path.
The integrity of information is threatened
when it is exposed to corruption, dam- True
age, or destruction.
Audit logs that track user activity on an
accountability
information system provide ____
Which of the following is the first step in
Recognize and define the problem
the problem-solving process?
Communications security involves the
data network devices
protection of an organization's ____.
Which of the following is NOT a step in Build support among management for
the problem-solving process? the candidate solution
3/5
 Management of Information Security Notes Chapter 1-- Introduction
Study online at https://quizlet.com/_22tzrq
Leadership generally addresses the di-
rection and motivation of the human re- True
source.
____________________ is the process
of achieving objectives using a given set Management
of resources.
The term ____________________
refers to the end result of a planning goal
process.
The characteristic of information that en-
ables a user to access it without inter-
False
ference or obstruction and in a useable
format is confidentiality.
If the project deliverables meet the
requirements specified in the pro-
Quality
ject plan, the project has met its
____________________ objective
The authorization process takes place
False
before the authentication process.
The C.I.A. triangle is an important ele-
ment of the CNSS model of information True
security.
The CNSS security model includes de-
tailed guidelines and policies that direct False
the implementation of controls.
The activation and use of access control
authorization
lists is an example of the ____ process.
____________________ is the protec-
tion of information and its critical ele-
ments, including the systems and hard- Information Security
ware that use, store, and transmit that
information.
When you review technological feasibili-
ty, you address the organization's finan- False
cial ability to purchase the technology
4/5
 Management of Information Security Notes Chapter 1-- Introduction
Study online at https://quizlet.com/_22tzrq
needed to implement a candidate solu-
tion
Another popular project management
tool is the bar or McCumber chart,
False
named for its developer, who created
this method in the early 1900s.
The protection of information and the
systems and hardware that use, store,
information security
and transmit that information is known as
____.
____ security addresses the ability to
use the network to accomplish the or-
Network
ganization's data communication func-
tions.
Information security can be both a
process and a project because it is in fact False
a continuous series of projects.
The characteristic of ____ exists when
a control provides assurance that every
accountability
activity undertaken can be attributed to
a named person or automated process.
Policies are InfoSec operations that are
specifically managed as separate enti- False
ties.

5/5