Question

In: Computer Science

13.10 Assessment 1.   Which of the following groups should be included in an effort to develop an...

13.10 Assessment

1.   Which of the following groups should be included in an effort to develop an effective community of practice?

a.   Senior management

b.   Middle managers

c.   Information security personnel

d.   Users

e.   All of the above

f.   None of the above

2.   Changing the developer’s mindset and culture requires leadership, but also policy.

a.   True

b.   False

3.   NIST publication 800-30 promotes the integration of risk management practices into the Software Development Lifecycle (SDLC) using the ___.

a.   Comprehensive Assessment Plan

b.   2009 Risk Management Methodology

c.   Nine-step risk-assessment methodology

d.   SSDLC Methodology Outline

4.   HIPAA’s Title II deals with standards that relate to ___.

a.   Data systems that process and transmit PHI

b.   A child’s right to privacy

c.   Encryption of PHI

d.   Email use in the organization

e.   All of the above

f.   None of the above

5.   The CIO is responsible for the oversight of all data and information that flows in and out of the organization.

a.   True

b.   False

6.   The Family Educational Rights and Privacy Act (FERPA) applies to colleges and universities and any records that provide ___ of the student.

a.   Personal identification

b.   Document losses to the organization

c.   Student library cards

d.   Auditing software records

7.   Security awareness and training is essential to developing an employee force that is aware of the threats that are imminent to an organization.

a.   True

b.   False

8.   Policy enforcement can be done by using nontechnical controls only.

a.   True

b.   False

9.   Tacit knowledge is easy to transfer to users throughout the organization.

a.   True

b.   False

10.   An organization’s security policies should align with the following option or options:

a.   Risk management

b.   Federal regulations

c.   Local laws

d.   All of the above

Solutions

Expert Solution

Answer:------------

13.10 Assessment

1.   Which of the following groups should be included in an effort to develop an effective community of practice?

e.   All of the above

2.   Changing the developer’s mindset and culture requires leadership, but also policy.

a.   True

3.   NIST publication 800-30 promotes the integration of risk management practices into the Software Development Lifecycle (SDLC) using the ___.

c.   Nine-step risk-assessment methodology

4.   HIPAA’s Title II deals with standards that relate to ___.

b.   A child’s right to privacy

5.   The CIO is responsible for the oversight of all data and information that flows in and out of the organization.

a.   True

6.   The Family Educational Rights and Privacy Act (FERPA) applies to colleges and universities and any records that provide ___ of the student.

a.   Personal identification

7.   Security awareness and training is essential to developing an employee force that is aware of the threats that are imminent to an organization.

a.   True

8.   Policy enforcement can be done by using nontechnical controls only.

b.   False

9.   Tacit knowledge is easy to transfer to users throughout the organization.

b.   False

10.   An organization’s security policies should align with the following option or options:

d.   All of the above


Related Solutions

The nurse is assessing the clients gastrointestinal tract. Which subjective assessment should be included? Rebound tenderness...
The nurse is assessing the clients gastrointestinal tract. Which subjective assessment should be included? Rebound tenderness Diarrhea Generalized red abdominal rash Hematuria
What should be included in the nursing assessment of a patient with an actual or potential...
What should be included in the nursing assessment of a patient with an actual or potential fluid and electrolyte imbalance?
1. Which of the following should be included when teaching a client newly diagnosed with diabetes...
1. Which of the following should be included when teaching a client newly diagnosed with diabetes about dietary management? - Food intake should be decreased prior to exercise - Consistency between food intake and exercise is important - Carbohydrate are strictly limited before activity - Sugar intake should be increased to prevent hypoglycemia 2. Significant risk factors for development of venous thrombosis include. Select all that apply? - Altered blood coagulation - Stasis of blood - Vessel wall injury -...
Which of the following should be included in the analysis of a project? (mark all that...
Which of the following should be included in the analysis of a project? (mark all that apply) Finance cost. opportunity cost. sunk costs. erosion costs.
Which of the following items should be included in the value of the land Tax and...
Which of the following items should be included in the value of the land Tax and title costs All of these items should be included in the value of the land Clearing of the land for use Cash price of the land
Which of the following should NOT be included as part of manufacturing overhead at a company...
Which of the following should NOT be included as part of manufacturing overhead at a company that makes office furniture? [[selectone]] a. Idle time for direct labor. b. Sheet steel in a file cabinet made by the company. c. Manufacturing equipment depreciation. d. Taxes on a factory building.
Which of the following are not examples of directly attributable costs that should be included in...
Which of the following are not examples of directly attributable costs that should be included in the cost of acquisition for property, plant and equipment? Select one: a. Costs of opening a new facility. b. Initial delivery and handling costs c. Costs of site preparation d. Installation and assembly costs Property, plant and equipment includes items that: Select one: a. have no physical substance. b. are expected to be used up within one year from date of purchase. c. held...
What are the stages of preliminary risk assessment? What information should be included in a misuse...
What are the stages of preliminary risk assessment? What information should be included in a misuse case? Suggest two possible vulnerabilities when login/password authentication is used?
SQL Consider the following business question and determine which of the following should be included in...
SQL Consider the following business question and determine which of the following should be included in a fact/dimension table of the star schema             What was the revenue of the McDonald’s in Russia and France in 2017? A. Russia B. France C. Revenue D. Countries Answer for both Fact and Dimension tables. Please determine from the question which is part of the fact, and which is part of the dimension. There should be two answers.
Which of the following should be included in a project charter? A. Title and objective B....
Which of the following should be included in a project charter? A. Title and objective B. Funding and major risks C. Milestone schedule and key deliverables D. Key assumptions and constraints E. Approval and reporting requirements F. All of the above
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT