Академический Документы
Профессиональный Документы
Культура Документы
PLEASE NOTE
TOTAL: 120
MARK (%):
F 2. When an incident takes place, the disaster recovery plan (DRP) is invoked
before the incident response plan (IRP).
1. Confidentiality
2. Integrity
3. Availability
2. List the three stages during which information should be protected. [3]
1. Storage
2. Transmission
3. Processing
3. The principles of information security management are known as the six Ps. List
any four of these principles. [4]
1. Policy / Planning
2. Programs / Project Management
3. People
4. Protection
1. Strategic
2. Tactical
3. Operational
2. Given the definitions below, list the three statements within which the overall
business strategy is normally captured. [3]
1. Investigation
2. Analysis
3. Logical design
4. Physical design
5. Implementation
6. Maintenance
1. Possible
2. Probable
3. Definite
1. Electronic vaulting
2. Database shadowing
3. Remote journaling
Q7: Short Questions (Chapter 4) [15]
Answer each question briefly.
1. What three basic rules should be followed when shaping a policy? [3]
2. List the three main types of policies found within a typical organization.
(Do not use abbreviations!) [3]
4. List any five criteria policies must adhere to in order to be effective. [5]
1. Security education
2. Security training
3. Security awareness
4. List any three items that are commonly used as trinkets. [3]
5. Beyond trinkets, there are many other methods/ways by which you could raise
awareness of information security. List any five other methods. [5]
1. List the three key principles upon which access control is built. [3]
1. Least privilege
2. Need to know
3. Separation of duties
2. Match the following models with the most correct definitions as provided in the
table below. [5]
3. What are three notable advantages of NIST documents over other sources of
security information? [3]
1. Policies Managerial
2. Data backups Technical
3. Gates, fences and guards Operational
4. Disaster recovery plan Managerial
Estimated
Activity Description Duration Predecessor
(days)
Evaluate current technology
A 1 None
platform
D Set-up server 2 B
I Train users 2 H
2. Complete the Gantt chart for the above scenario using the template provided.[13]
Assume the project will start on Tuesday, 12th March 2013 and that no work is
carried out on weekends and public holidays.
You therefore need to take the following public holidays into consideration:
12 April 2013