Related Questions

• There is only one type of information security policy within an organization.
• From the choices, what is one of the objectives in testing a company's security policies?
• True or False: The organizational security policy should dictate business objectives.
• Training users to be aware of social engineering tactics will prevent these types of attacks.
• Skillset Inc will accept the risk and the cost/benefit ratio indicates that the cost of the countermeasure outweighs the potential loss value, is an example of a residual risk type
• Standards, guidelines, and procedures are derived from the policy. True or false?
• A __________ policy removes the employee’s responsibility for making judgments about a potential social-engineering attack.
• The chance of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate the SLE, ARO, and ALE. Assume the EF = 1 (100%). What is the closest approximate cost of this replacement and recovery operation per year?
• Which of these documents can be used as proof that the senior management has taken due care in protecting itself during intrusions and attacks?
• Which policy ensures that employees do not engage in any fraudulent activities, or prevents continuing of such activities?