PoIS - Practice 4

System Administration, Networking, and Security Organization is better known as __________.

The International Society of Forensic Computer Examiners (ISFCE) offers which certifications?

Many organizations use a(n) __________ interview to remind the employee of contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee’s tenure in the organization

________ are hired by the organization to serve in a temporary position or to supplement the existing workforce.

The CISA credential is touted by ISACA as the certification that is appropriate for all but which type of professionals?

Like the CISSP, the SSCP certification is more applicable to the security__________ than to the security __________,

_________ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization’s security technology is properly implemented

According to Schwartz, Erwin, Weafer, and Briney "__________" are the real techies who create and install security solutions

Which of the following is not one of the categories of positions as defined by Schwartz, Erwin, Weafer, and Briney?

An ideal organization fosters resilience to change.

The RFP determines the impact that a specific technology or approach can have on the organization’s information assets and what it may cost

The effective use of a DMZ is one of the primary methods of securing an organization’s networks

Project managers can reduce resistance to change by involving employees in the project plan. In the systems development parts of a project, this is referred to as __________

By managing the __________, the organization can reduce unintended consequences by having a process to resolve potential conflict and disruption that uncoordinated change can introduce.

Technology __________ guides how frequently technical systems are updated, and how technical updates are approved and funded

The __________ layer of the bull's-eye model includes computers used as servers, desktop computers, and systems used for process control and manufacturing systems

The __________ level of the bull’s-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate; it enables all other information security components to function correctly

A __________ is usually the best approach to security project implementation

In a __________ implementation, the entire security system is put in place in a single office, department, or division before expanding to the rest of the organization.

The __________ methodology has been used by many organizations and requires that issues be addressed from the general to the specific, and that the focus be on systematic solutions instead of individual problems.

In the __________ process, measured results are compared against expected results.

Many public organizations must spend all budgeted funds within the fiscal year - otherwise, the subsequent year’s budget is __________.

A(n) __________, used to justify the project is typically prepared in the analysis phase of the SecSDLC, must be reviewed and verified prior to the development of the project plan.