Information Security Governance & Risk Management
To maintain and enforce policies to ensure the preservation of information security, and to have plans to account for applicable risks.
- Which of the following DoD directives defines DITSCAP as the standard C&A process for the Department of Defense?
- Which of the following security models dictates that subjects can only access objects through applications?
- Which of the following US Acts emphasized a "risk-based policy for cost-effective security" and makes mandatory for agency program officials, chief information officers, and inspectors general (IGs) to conduct annual reviews of the agency's information security program and report the results to Office of Management and Budget?
- You are advising a school district on disaster recovery plans. In case a disaster affects the main IT centers for the district they will need to be able to work from an alternate location. However, budget is an issue. Which of the following is most appropriate for this client?
- Which of the following are the goals of risk management? Each correct answer represents a complete solution. Choose three.
- Which of the following statements about the availability concept of Information security management is true?
- In which of the following levels of exception safety are operations succeeded with full guarantee and fulfill all needs in the presence of exceptional situations?
- Which of the following refers to a process that is used for implementing information security?
- Which of the following is a chronological record of system activities to enable the reconstruction and examination of the sequence of events and/or changes in an event?
- Security is a state of well-being of information and infrastructures in which the possibilities of successful yet undetected theft, tampering, and/or disruption of information and services are kept low or tolerable. Which of the following are the elements of security? Each correct answer represents a complete solution. Choose all that apply.