安全管理習題講解ppt課件-資料下載頁
2025-01-17 01:41本頁面
【正文】 esponsible for ensuring that proper controls are in place to address integrity, confidentiality, and availability of IT systems and data? A Business and functional managers B Chief information officer C IT Security practitioners D System and information owners D 每時每刻 可信安全 44 Related to information security, the guarantee that the message sent is the message received is an example of which of the following? A integrity B identity C availability D confidentiality A 每時每刻 可信安全 45 Which one of the following represents an ALE calculation? A asset value x loss expectancy B actual replacement cost proceeds of salvage C gross loss expectancy x loss frequency D single loss expectancy x annualized rate of occurrence D 每時每刻 可信安全 46 Which of the following choices is NOT part of a security policy? A description of specific technologies used in the field of information security B definition of overall steps of information security and the importance of security C statement of management intend, supporting the goals and principles of information security D definition of general and specific responsibilities for information security management A 每時每刻 可信安全 47 Which of the following statements pertaining to a security policy is incorrect? A It must be flexible to the changing environment. B Its main purpose is to inform the users, administrators and managers of their obligatory requirements for protecting technology and information assets. C It needs to have the acceptance and support of all levels of employees within the anization in order for it to be appropriate and effective. D It specifies how hardware and software should be used throughout the anization. D 每時每刻 可信安全 48 Which of the following could be defined as the likelihood of a threat agent taking advantage of a vulnerability? A A risk B A countermeasure C An exposure D A residual risk A 每時每刻 可信安全 49 Which of the following should be given technical security training? A Senior managers, functional managers and business unit managers B Security practitioners and information systems auditors C IT support personnel and system administrators D Operators C 每時每刻 可信安全 50 Related to information security, availability is the opposite of which of the following? A distribution B destruction C documentation D delegation B 每時每刻 可信安全 51 Which must bear the primary responsibility for determining the level of protection needed for information systems resources? A Seniors security analysts B systems auditors C Senior Management D IS security specialists C 每時每刻 可信安全 52 What would best define risk management? A The process of eliminating the risk B The process of reducing risk to an acceptable level C The process of assessing the risks D The process of transferring risk B
試題試卷相關推薦
鄂ICP備17016276號-1