Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is the MOST critical for the
successful implementation and maintenance of a security policy?
A. Assimilation of the framework and intent of a written
security policy by all appropriate parties
B. Management support and approval for the implementation
and maintenance of a security policy
C. Enforcement of security rules by providing punitive
actions for any violation of security rules
D. Stringent implementation, monitoring and enforcing of
rules by the security officer through access control software
- 1 Answers
- 8162 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Assimilation of the framework and intent of a written
security policy by the users of the systems is critical to
the successful implementation and maintenance of security
policy. You may have a good password system, but if the
users of the system keep passwords written on his/her table,
the password system is of little value. Management support
and commitment is no doubt important, but for successful
implementation and maintenance of security policy, education
of the users on the importance on security is of paramount
importance. The stringent implementation, monitoring and
enforcing of rules by the security officer through access
control software and provision for punitive actions for
violation of security rules also are required along with the
user's education on the importance of security.
| Is This Answer Correct ? | 6 Yes | 0 No |
One of the purposes of library control software is to allow: A. programmers access to production source and object libraries. B. batch program updating. C. operators to update the control library with the production version before testing is completed. D. read-only access to source code.
Which of the following should be of MOST concern to an IS auditor? A. Lack of reporting of a successful attack on the network B. Failure to notify police of an attempted intrusion C. Lack of periodic examination of access rights D. Lack of notification to the public of an intrusion
Of the following who is MOST likely to be responsible for network security operations? A. Users B. Security administrators C. Line managers D. Security officers
Which of the following would an IS auditor place LEAST reliance on when determining management's effectiveness in communicating information systems policies to appropriate personnel? A. Interviews with user and IS personnel B. Minutes of IS steering committee meetings C. User department systems and procedures manuals D.Information processing facilities operations and procedures manuals
When assessing the portability of a database application, the IS auditor should verify that: A. a structured query language (SQL) is used. B. information import and export procedures with other systems exist. C. indexes are used. D. all entities have a significant name and identified primary and foreign keys.
The role of IT auditor in complying with the Management Assessment of Internal Controls (Section 404 of the Sarbanes-Oxley Act) is: A. planning internal controls B. documenting internal controls C. designing internal controls D. implementing internal controls
For an online transaction processing system, transactions per second is a measure of: A. throughput. B. response time. C. turnaround time. D. uptime.
A network diagnostic tool that monitors and records network information is a/an: A. online monitor. B. downtime report. C. help desk report. D. protocol analyzer.
Which of the following provisions in a contract for external information systems services would an IS auditor consider to be LEAST significant? A. Ownership of program and files B. Statement of due care and confidentiality C. Continued service of outsourcer in the event of a disaster D. Detailed description of computer hardware used by the vendor
The rate of change of technology increases the importance of: A. outsourcing the IS function. B. implementing and enforcing good processes. C. hiring personnel willing to make a career within the organization. D. meeting user requirements.
The purpose of debugging programs is to: A. generate random data that can be used to test programs before implementing them. B. protect, during the programming phase, valid changes from being overwritten by other changes. C. define the program development and maintenance costs to be include in the feasibility study. D. ensure that program abnormal terminations and program coding flaws are detected and corrected.
In planning a software development project, which of the following is the MOST difficult to determine? A. Project slack times B. The project's critical path C. Time and resource requirements for individual tasks D. Relationships that preclude the start of an activity before others are complete
Cisco Certifications 
