Exam (elaborations) SPR IG Operations Questions and answers

Exam (elaborations) SPR IG Operations Questions and answers User Ubeda Sawda Course 2018_SPR_IG_Operations Security_01_20_21_COMBINED Test Quiz #3 Started 1/23/18 6:37 PM Submitted 1/23/18 8:31 PM Due Date 1/28/18 11:59 PM Status Completed Attempt Score 90.00000 out of 100.00000 points Time Elapsed 1 hour, 54 minutes Results Displayed • Question 1 All Answers, Submitted Answers, Correct Answers 5.00000 out of 5.00000 points In an issue-specific standard, the section defines a security issue and any relevant terms, distinctions, and conditions. Selected Answer: statement of an issue Answers: definition of roles and responsibilities statement of applicability statement of the organization’s position statement of an issue • Question 2 5.00000 out of 5.00000 points In a (n) , there are policies, standards, baselines, procedures, guidelines, and taxonomy. Selected Answer: IT policy framework Answers: asset management policy IT policy framework control standard risk assessment policy • Question 3 5.00000 out of 5.00000 points One example of granularity is a policy that requires an e-mail server to have a specific configuration in order to be considered secure and a server-based monitoring tool that can report the configuration and compliance to the appropriate personnel. In this scenario, the policy is appropriately fine-grained and automates enforcement. Selected Answer: True Answers: True False • Question 4 0.00000 out of 5.00000 points If a security policy clearly distinguishes the responsibilities of computer services providers from those of the managers of applications who use the computer services, which of the following goals is served? Selected Answer: confidentialit y Answers: accountabilit y confidentialit y scope compliance • Question 5 5.00000 out of 5.00000 points It is important to create an IT security program structure that aligns with program and organizational goals and describes the operating and risk environment. Which of the following is one of the important issues for the structure of the information security program? Selected Answer: Management and coordination of security-related resources Answers: Human resources security Management and coordination of security-related resources Access control Asset management • Question 6 5.00000 out of 5.00000 points Which of the following statements best captures the role of information security teams in ensuring compliance with laws and regulations? Selected Answer: Information security personnel work with their organizations’ compliance and legal teams to determine violations of an organization’s security policy. Answers: Information security personnel must be trained lawyers, and as