Exam 3
The three constraints in strategy development can be which of the
following: - answer Direct, consequential, or peripheral
Each of the following can be used in defining an organizations desired state except for: -
answer None of the above
An information security strategy is - answer The objectives of information security
coupled with the plans to achieve it
From the text and class, which one of the following is not an identified causes for
strategy failures: - answer Knowing the culture and the landscape of the organization
and the environment it operates in
The two general classes of constraints are: - answer Contextual and Operational
The two greatest issues or difficulties in developing strategy are: - answer Cultural and
Structural
The NIST Cyber Security Framework (CSF) and the Sherwood Applied Business
Security Architecture (SABSA) are both Security Architecture Frameworks and which of
the following answers best describes the characteristics of both frameworks -
answerNIST CSF and SABSA are technology neutral,
SABSA is both technology and controls neutral
The amount of data transactions that are allowed to be lost following a computer failure
(i.e., duration of orphan data) is the - answerRecovery Point Objective
When the Recovery Point Objective (RPO) is very short, the best solution is -
answerData mirroring
In managing a cyber crisis, it requires expertise in which of the following - answerCrisis
Management,
Cyber Security
What do business continuity plans build within a business? - answerA more resilient,
agile business
Event Damage Classifications as presented in class include the following except for: -
answerCaptain
Classification of Services as presented in class include the following
The three constraints in strategy development can be which of the
following: - answer Direct, consequential, or peripheral
Each of the following can be used in defining an organizations desired state except for: -
answer None of the above
An information security strategy is - answer The objectives of information security
coupled with the plans to achieve it
From the text and class, which one of the following is not an identified causes for
strategy failures: - answer Knowing the culture and the landscape of the organization
and the environment it operates in
The two general classes of constraints are: - answer Contextual and Operational
The two greatest issues or difficulties in developing strategy are: - answer Cultural and
Structural
The NIST Cyber Security Framework (CSF) and the Sherwood Applied Business
Security Architecture (SABSA) are both Security Architecture Frameworks and which of
the following answers best describes the characteristics of both frameworks -
answerNIST CSF and SABSA are technology neutral,
SABSA is both technology and controls neutral
The amount of data transactions that are allowed to be lost following a computer failure
(i.e., duration of orphan data) is the - answerRecovery Point Objective
When the Recovery Point Objective (RPO) is very short, the best solution is -
answerData mirroring
In managing a cyber crisis, it requires expertise in which of the following - answerCrisis
Management,
Cyber Security
What do business continuity plans build within a business? - answerA more resilient,
agile business
Event Damage Classifications as presented in class include the following except for: -
answerCaptain
Classification of Services as presented in class include the following
