Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is the MOST critical for the
successful implementation and maintenance of a security policy?
A. Assimilation of the framework and intent of a written
security policy by all appropriate parties
B. Management support and approval for the implementation
and maintenance of a security policy
C. Enforcement of security rules by providing punitive
actions for any violation of security rules
D. Stringent implementation, monitoring and enforcing of
rules by the security officer through access control software
- 1 Answers
- 8076 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Assimilation of the framework and intent of a written
security policy by the users of the systems is critical to
the successful implementation and maintenance of security
policy. You may have a good password system, but if the
users of the system keep passwords written on his/her table,
the password system is of little value. Management support
and commitment is no doubt important, but for successful
implementation and maintenance of security policy, education
of the users on the importance on security is of paramount
importance. The stringent implementation, monitoring and
enforcing of rules by the security officer through access
control software and provision for punitive actions for
violation of security rules also are required along with the
user's education on the importance of security.
| Is This Answer Correct ? | 6 Yes | 0 No |
Which of the following disaster recovery/continuity plan components provides the GREATEST assurance of recovery after a disaster? A. The alternate facility will be available until the original information processing facility is restored. B. User management was involved in the identification of critical systems and their associated critical recovery times. C. Copies of the plan are kept at the homes of key decision making personnel. D. Feedback to management assuring them that the business continuity plans are indeed workable and that the procedures are current.
The security level of a private key system depends on the number of: A. encryption key bits. B. messages sent. C. keys. D. channels used.
Which of the following would be considered an essential feature of a network management system? A. A graphical interface to map the network topology B. Capacity to interact with the Internet to solve the problems C. Connectivity to a help desk for advice on difficult issues D. An export facility for piping data to spreadsheets
IS auditors who have participated in the development of an application system might have their independence impaired if they: A. perform an application development review. B. recommend control and other system enhancements. C. perform an independent evaluation of the application after its implementation. D. are involved actively in the design and implementation of the application system.
The BEST method of proving the accuracy of a system tax calculation is by: A. detailed visual review and analysis of the source code of the calculation programs. B. recreating program logic using generalized audit software to calculate monthly totals. C. preparing simulated transactions for processing and comparing the results to predetermined results. D. automatic flowcharting and analysis of the source code of the calculation programs.
Connection-oriented protocols in the TCP/IP suite are implemented in the: A. transport layer. B. application layer. C. physical layer. D. network layer.
A programmer managed to gain access to the production library, modified a program that was then used to update a sensitive table in the payroll database and restored the original program. Which of the following methods would MOST effectively detect this type of unauthorized changes? A. Source code comparison B. Executable code comparison C. Integrated test facilities (ITF) D. Review of transaction log files
Which tests is an IS auditor performing when certain program is selected to determine if the source and object versions are the same?
Which of the following pairs of functions should not be combined to provide proper segregation of duties? A. Tape librarian and computer operator B. Application programming and data entry C. Systems analyst and database administrator D. Security administrator and quality assurance
Which of the following is an objective of a control self-assessment (CSA) program? A. Audit responsibility enhancement B. Problem identification C. Solution brainstorming D. Substitution for an audit
A critical function of a firewall is to act as a: A. special router that connects the Internet to a LAN. B. device for preventing authorized users from accessing the LAN. C. server used to connect authorized users to private trusted network resources. D. proxy server to increase the speed of access to authorized users.
When selecting software, which of the following business and technical issues is the MOST important to be considered? A. Vendor reputation B. Requirements of the organization C. Cost factors D. Installed base
Cisco Certifications 
