Chapter 14

Question 1

What concept below is at the very heart of information security?

Answer 1

risk

Question 2

Due to the potential impact of changes that can affect all users in a organization, and considering that
security vulnerabilities can arise from uncoordinated changes, what should an organization create to
oversee changes?

Answer 2

change management team

Question 3

What may be defined as the components required to identify, analyze, and contain an incident?

Answer 3

Incident reponse

Question 4

What is the name for a framework and corresponding functions required to enable incident response
and incident handling within an organization?

Answer 4

Incident management

Question 5

A written document that states how an organization plans to protect the company’s information
technology assets is a:

Answer 5

security policy

Question 6

A collection of suggestions that should be implemented are referred to as a:

Answer 6

Guideline

Question 7

Select below the option that best describes a policy:

Answer 7

A document that outlines specific requirements or rules that must be met

Question 8

Generally considered to be the most important information security policies, what item below defines
the actions a user may perform while accessing systems and networking equipment?

Answer 8

Acceptable use policies

Question 9

What kind of policy outlines how organizations use personal information it collects?

Answer 9

Privacy

Question 10

Policies that include statements regarding how an employee’s information technology resources will
be addressed are part of a:

Answer 10

security-related human resource policy

Question 11

A person’s fundamental beliefs and principals, which are used to define what is good, and how to
distinguish right from wrong, are collectively called a person’s:

Answer 11

Values

Question 12

What are values that are attributed to a system of beliefs that help the individual distinguish right
from wrong called?

Answer 12

Morals

Question 13

What can be defined as the study of what a group of people understand to be good and right behavior
and how people make those judgments?

Answer 13

Ethics

Question 14

Which type of network below uses a direct connection between users, and involves each device
simultaneously acting as a client and a server?

Answer 14

P2P

Question 15

Websites that group individuals and organizations into clusters or groups based on some sort of
affiliation are considered to be what type of websites?

Answer 15

social networking

Question 16

Which term below describes the art of helping an adult learn?

Answer 16

andragogica

Question 17

What kind of learners learn from taking notes, being at the front of the class, and watching
presentations?

Answer 17

Visual

Question 18

What type of learner tends to sit in the middle of the class and learns best through lectures and
discussions?

Answer 18

Auditory

Question 19

What type of learner learns best through hands-on approaches?

Answer 19

Kinesthetic

Question 20

What is the most common type of P2P network?

Answer 20

Bittorrent