Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is the MOST critical for the
successful implementation and maintenance of a security policy?
A. Assimilation of the framework and intent of a written
security policy by all appropriate parties
B. Management support and approval for the implementation
and maintenance of a security policy
C. Enforcement of security rules by providing punitive
actions for any violation of security rules
D. Stringent implementation, monitoring and enforcing of
rules by the security officer through access control software
- 1 Answers
- 8138 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Assimilation of the framework and intent of a written
security policy by the users of the systems is critical to
the successful implementation and maintenance of security
policy. You may have a good password system, but if the
users of the system keep passwords written on his/her table,
the password system is of little value. Management support
and commitment is no doubt important, but for successful
implementation and maintenance of security policy, education
of the users on the importance on security is of paramount
importance. The stringent implementation, monitoring and
enforcing of rules by the security officer through access
control software and provision for punitive actions for
violation of security rules also are required along with the
user's education on the importance of security.
| Is This Answer Correct ? | 6 Yes | 0 No |
The information that requires special precaution to ensure integrity is termed? A. Public data B. Private data C. Personal data D. Sensitive data
Which of the following describes a difference between unit testing and system testing? A. Unit testing is more comprehensive. B. Programmers are not involved in system testing. C. System testing relates to interfaces between programs. D. System testing proves user requirements are complete.
Which of the following controls is LEAST likely to detect changes made online to master records? A. Update access to master file is restricted to a supervisor independent of data entry. B. Clerks enter updates online and are finalized by an independent supervisor. C. An edit listing of all updates is produced daily and reviewed by an independent supervisor. D. An update authorization form must be approved by an independent supervisor before entry.
An IS auditor reviewing the key roles and responsibilities of the database administrator (DBA) is LEAST likely to expect the job description of the DBA to include: A. defining the conceptual schema. B. defining security and integrity checks. C. liaising with users in developing data model. D. mapping data model with the internal schema.
Disaster recovery planning for a company's computer system usually focuses on: A. operations turnover procedures. B. strategic long-range planning. C. the probability that a disaster will occur. D. alternative procedures to process transactions.
The FIRST step in data classification is to: A. establish ownership. B. perform a criticality analysis. C. define access rules. D. create a data dictionary.
Information for detecting unauthorized input from a terminal would be BEST provided by the: A. console log printout. B. transaction journal. C. automated suspense file listing. D. user error report.
Classification of information systems is essential in business continuity planning. Which of the following system types can not be replaced by manual methods? A. Critical system B. Vital system C. Sensitive system D. Non-critical system
Which of the following audit procedures would MOST likely be used in an audit of a systems development project? A. Develop test transactions B. Use code comparison utilities C. Develop audit software programs D. Review functional requirements documentation
The key difference between a microwave radio system and a satellite radiolink system is that: A. microwave uses line-of-sight and satellite uses transponders during transmission. B. microwave operates through transponders placed on the earth's orbit. C. satellite uses line-of-sight during transmission. D. microwave uses fiber optic cables.
After implementation of a disaster recovery plan (DRP), pre-disaster and post-disaster operational cost for an organization will: A. decrease. B. not change (remain the same). C. increase. D. increase or decrease depending upon nature of the business.
When performing a review of the structure of an electronic funds transfer (EFT) system, an IS auditor observes that the technological infrastructure is based on a centralized processing scheme that has been outsourced to a provider in another country. Based on this information, which of the following conclusions should be the main concern of the IS auditor? A. There could be a question with regards to the legal jurisdiction. B. Having a provider abroad will cause excesive costs in future audits. C. The auditing process will be difficult because of the distances. D. There could be different auditing norms.
Cisco Certifications 
