FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 11: Security and Personnel

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 31

True/False

Review LaterAdd Note

Review Later

To maintain a secure facility, all contract employees should be escorted from room to room, as well as into and out of the facility.

Correct Answer

verified

Show Answer

Question 32

True/False

Review LaterAdd Note

Review Later

In most cases, organizations look for a technically qualified information security generalist who has a solid understanding of how an organization operates.

Correct Answer

verified

Show Answer

Question 33

Essay

Review LaterAdd Note

Describe the concept of separation of duties.

Sometimes, contracted employees are self-employed or are employees of an organization hired for a specific, one-time purpose. These people are typically referred to as ____________________.

What functions does the CISO perform

The information security function cannot be placed within protective services.

The information security function can be placed within the __________.

The general management community of interest must work with information security professionals to integrate solid information security concepts into the personnel management practices of the organization.

Which of the following is not one of the categories of positions defined by Schwartz, Erwin, Weafer, and Briney  

According to Schwartz, Erwin, Weafer, and Briney, "__________" are the real techies who create and install security solutions.

__________ is the requirement that every employee be able to perform the work of another employee.

The use of standard job descriptions can increase the degree of professionalism in the information security field.

When new employees are introduced into the organization's culture and workflow, they should receive an extensive information security briefing as part of their employee ____________________.

The ____________________ of (ISC)2 program is geared toward those who want to take the CISSP or SSCP exam before obtaining the requisite experience for certification.

"Administrators" provide the policies, guidelines, and standards in the Schwartz, Erwin, Weafer, and Briney classification. _________________________

ISACA touts the CISA certification as being appropriate for accounting, networking, and security professionals._________________________

Because the goals and objectives of CIOs and CISOs tend to contradict each other, InformationWeek recommends: "The people who do and the people who watch shouldn't report to a ____________________ manager."

"Builders" in the field of information security provide day-to-day systems monitoring and use to support an organization's goals and objectives.

Many hiring managers in information security prefer to recruit a security professional who already has proven HR skills and professional experience, since qualified candidates with information security experience are scarce. _________________________

The ISSMP examination is designed to provide CISSPs with a mechanism to demonstrate competence in __________.