Author: Anonymous

For leaders, implementing security policies is about working through others to gain their support and adhere to policies. Which of the following is not one of the widely accepted leadership rules that apply to security policies?

Two methods of authorization are role-based access control (RBAC) and attribute-based access control (ABAC). Although RBAC and ABAC can provide the same access, which of the following is an advantage of ABAC?

The difference between a flat and hierarchical organization is relative to its __________ and _________.

Which of the following has the responsibilities of directing policies and procedures designed to protect information resources, identifying vulnerabilities, and developing a security awareness program?

True or False? A key measurement of an organization’s risk appetite is its ability to dispose of risk.

True or False? Possible sources of motivation include pride, self-interest, fear, desire, and success.

True or False? In general, matrix relationships are created with control partners.

In order to be thoughtful about the implementation of security policies and controls, leaders must balance the need to reduce __________ with the impact to the business operations. Doing so could mean phasing security controls in over time or be as simple as aligning security implementation with the business’s training events.

True or False? The term “apathy” refers to indifference and lack of motivation.

True or False? In an organizational structure, the stakeholders in the line of business are focused on effective comprehensive assurance policies.