CSIA 412 Quiz 2
What is a project plan?
| |
|
a policy tool |
| |
|
a process used to complete work |
| |
|
a rule |
| |
|
a visio drawing with lines between boxes |
| Question 2 |
Select the item that correctly completes this statement: A project manager ____________.
| |
|
is the person responsible for completing the project |
| |
|
determines how information about a project is shared with the organization |
| |
|
implements policies that govern the organization |
| |
|
approves the resources required to complete a project |
| Question 3 |
What is a gap analysis?
| |
|
a process that eliminates risk that a project will fail |
| |
|
a key factor in determining the lenght of time needed for policy implementation |
| |
|
a process that can be completed without knowing the project objectives |
| |
|
a report created by the project management when the project will cost more than $500,000 |
| Question 4 |
A communication plan defines _______________________________
| |
|
the communication requirements of a project and how project information is distributed |
| |
|
who in the organization is allowed to talk to the press about projects |
| |
|
who is responsible for controlling all the information pertaining to a project |
| |
|
who must receive emails about a project |
| Question 5 |
A well-designed and executed policy implementation plan __________________
| |
|
defines the project requirements (time, resources, money) |
| |
|
guarantees successful implementation and execution of a project |
| |
|
establishes the governance polices of the organization |
| |
|
establishes what level of participation is expected from each member of the organization |
| Question 6 |
Project planning is required for successful creation and implmentation of policies.
What organization serve practitioners and organizations with standards that describe good practices, globally recognized credentials that certify project management expertise, and resources for professional development, networking and community.
| |
|
Assocation for Project Managers |
| |
|
Project Management Institute |
| |
|
Project Management Association |
| |
|
Project Management Program |
| Question 8 |
What is an industry best practice?
| |
|
a policy required by the organization to chose technical standards |
| |
|
a standard required for implementation by all federal agencies |
| |
|
a generally accepted standard widely accepted to complete a task |
| |
|
a new solution used a few times to solve a problem |
| Question 9 |
The primary objective of industry best practices is to
| |
|
limit configuration standards |
| |
|
reduce organizational complexity by complying with standards |
| |
|
ensure uniform implmementation of a standard |
| |
|
reduce implementation costs by complying with standards |
| Question 10 |
Which of the following are standards organizations?
| |
|
NIST, ISO, SANS |
| |
|
PMI, SANS, CISCO |
| |
|
ISO, SANS, PMI |
| |
|
COSO, PMI, NIST |
| Question 11 |
What are the three main barriers to adoption of a best practice?
| |
|
limited awareness, insufficent training, lack of security |
| |
|
limited awareness, reluctance to change, insufficient training |
| |
|
reluctance to change, limited awareness, conflicts with policies |
| |
|
insufficient training, unsuccessful resolution to the problem, limited awareness |
| Question 12 |
What are steps for policy implementation?
| |
|
Define Requirements, Obtain Budget, Purchase Technology, Deploy Policies |
| |
|
Define the Security Requirements, Define the Organization, Deploy Policies, and Enforce Policies |
| |
|
Deploy Policies, Train Employees, Establish Performance Metrics, Obtain Budget |
| |
|
Establish Performance Metrics, Deploy Technology, Deploy Policies, Enforce Policies |
| Question 13 |
How can a policy implementation plan enable an organization to achieve compliance with requisite information security standards?
| |
|
The policy implementation plan details how the organization will insert new technology to support the standards |
| |
|
The policy implementation plan offers guidance but does not have to be followed |
| |
|
The policy implementation plan establishes clear objectives for complying with standards |
| |
|
The policy implementation plan, once created, remains static until new standards are released |
| Question 14 |
How can industry best practices influence organizational security policies?
| |
|
Best practices enable organizations to evaluate and manage risk prior to implementation |
| |
|
Best practices offer organizations proven methods of implementing security practices, saving the organization time and money |
| |
|
Best practices are a one-size fit all solution to any security problem |
| |
|
Best practices place a single individual, like the Chief Information Security Officer, in charge of overseeing and enforcing all security practices for the organization |
