True or False? An agent of change in an organization should be a leader who follows the pack.
Blog
True or False? Rather than building rules into security poli…
True or False? Rather than building rules into security policies for each regulation, a best practice is to build in the key control concepts found in many regulations.
In order to build a coalition, it’s the responsibility of th…
In order to build a coalition, it’s the responsibility of the information security officer (ISO) to reach out to stakeholders, explain the policy change, and listen to concerns. Many organizations have what are called control partners, who give input before a policy change can be made. Which of the following is not an example of control partners found in many large organizations?
In a hierarchical organization, there are a large number of…
In a hierarchical organization, there are a large number of touch points and personalities that must be engaged to successfully implement a security policy. As the number of touch points increases, the number of complex __________ also increases between stakeholders.
The span of control relates to the number of layers and numb…
The span of control relates to the number of layers and number of direct reports found in an organization. All of the following are true of organizational structure and span of control, except:
Remote access is a concern because the person is coming from…
Remote access is a concern because the person is coming from a public network. For stronger security, many organizations require two-factor authentication for remote access. Which of the following is not one of the commonly accepted types of authentication credentials?
Successful security policy implementation in the workplace d…
Successful security policy implementation in the workplace depends on people understanding key concepts and embracing the material. Thus, people need to be motivated to succeed if they are going to implement such policies. Which of the following sources of motivation is generally not recommended?
True or False? An acceptable use policy provides guidance to…
True or False? An acceptable use policy provides guidance to employees on posting the organization’s information online.
All of the following are general rules and guidelines for ha…
All of the following are general rules and guidelines for handling privacy data, except:
Several U.S. compliance laws provide confidence in the finan…
Several U.S. compliance laws provide confidence in the financial markets. __________ are the primary beneficiaries of these laws.