· Question 1
2.5 out of 2.5 points
The ____ for a purchase marks the start of the secure procurement process.
· Question 2
2.5 out of 2.5 points
In order to ensure that the strategic management plan is composed of tangible activities, it is documented using a ____ process.
· Question 3
2.5 out of 2.5 points
____ maintains an integrated set of organization-wide security controls along with associated technical countermeasures.
· Question 4
0 out of 2.5 points
Because of its purpose, the ____ stage is the appropriate place for cybersecurity professionals to be involved in software assurance.
· Question 5
2.5 out of 2.5 points
____ data about the performance of security processes and technologies can give managers all of the guidance they need to make informed decisions about how to steer the course.
· Question 6
2.5 out of 2.5 points
____ functionality is almost always put in the code that way for a malicious reason.
· Question 7
0 out of 2.5 points
____ risk and the consequent losses is probably the most common approach to risk handling, because many risks pass through the risk management function unidentified, or unacknowledged.
· Question 8
2.5 out of 2.5 points
The ____ process gathers and uses information from all available sources in order to decrease the possibility of overall risks to information assets.
· Question 9
0 out of 2.5 points
A ____ model serves as the essential basis for effective management of a software operation.
· Question 10
2.5 out of 2.5 points
The ____ provides an unambiguous statement of how the company will coordinate and control its information security practice.
· Question 11
2.5 out of 2.5 points
A ____ spells out the specific steps that need to be taken to ensure that the organization can continue to meet its security goals.
· Question 12
2.5 out of 2.5 points
In the case of every one of the EBK security functions, the ____ stage creates a framework of concrete security procedures and practices, which then serve as the basis for executing the process in the real world.
· Question 13
0 out of 2.5 points
____ is a continuous process when it comes to ensuring the integrity of the security system.
· Question 14
2.5 out of 2.5 points
The actual planning for the response to a threat takes place once the threat situation is ____.
· Question 15
2.5 out of 2.5 points
The ____ level of the capability maturity process is characterized by conscious awareness of security practice.
· Question 16
2.5 out of 2.5 points
The goal of the ____ function is to ensure a reliable level of secure practice across the entire organization.
· Question 17
2.5 out of 2.5 points
____ targets the general user community.
· Question 17
2.5 out of 2.5 points
____ targets the general user community.
· Question 19
2.5 out of 2.5 points
____ has been achieved if the level of the organization’s community understanding and discourse is raised.
· Question 20
2.5 out of 2.5 points
The standard acceptable use policy begins with a statement of ____ goals and objectives.
· Question 21
2.5 out of 2.5 points
____ need a different set of acceptable use policies because of their enhanced authority.
· Question 22
2.5 out of 2.5 points
Audit-based intrusion detection depends on data in ____.
· Question 23
2.5 out of 2.5 points
____ allows users who are outside the physical boundaries of the network to access the network and its resources.
· Question 24
2.5 out of 2.5 points
The first step in ensuring a permanent trust is to delineate the company’s ____.
· Question 25
2.5 out of 2.5 points
When it comes to user access, one of the more important personnel security issues is the need to keep ____ authorizations up to date.
· Question 26
2.5 out of 2.5 points
The ____ boundaries demarcate the physical space that the organization intends to control.
· Question 27
2.5 out of 2.5 points
Logically, the entry point into the process of assigning privileges to company roles is the ____ process.
· Question 28
2.5 out of 2.5 points
The ____ encompasses those principles, policies, and procedures that ensure essential business functions in the event of a disaster.
· Question 29
2.5 out of 2.5 points
The ____ is assigned based on the criticality of the component in the overall business process.
· Question 30
2.5 out of 2.5 points
The ____ documents all of the organization’s assumptions about continuity and has to be based on a careful analysis of the various business circumstances and environmental conditions for a given organization.
· Question 31
2.5 out of 2.5 points
____ itemizes and describes all foreseeable contingencies that might impact the organization.
· Question 32
2.5 out of 2.5 points
The key to success in continuity is ____.
· Question 33
2.5 out of 2.5 points
The ____ process maintains accountability by accumulating evidence to support conclusions about the target.
· Question 34
2.5 out of 2.5 points
An incident response procedure is then set in motion through a(n) ____ process.
· Question 35
2.5 out of 2.5 points
The ____ function integrates the incident response activities into a substantive and appropriate response to each adverse event as it happens.
· Question 36
2.5 out of 2.5 points
The role of the ____ function is to ensure that adequate preparation has been done to underwrite the success of the organization’s response to an incident.
· Question 37
2.5 out of 2.5 points
Much of the work that is involved in gathering information about an incident is done through the use of ____.
· Question 38
2.5 out of 2.5 points
____ are typically composed of all of the physical items that might need to be factored into the protection scheme, including all equipment and other physical property.
· Question 39
2.5 out of 2.5 points
There are normally three classes of items in each of the physical security management baselines: equipment, people, and the ____.
· Question 40
2.5 out of 2.5 points
Control of the human resources is really the duty of the ____ function.