Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
4 Cards in this Set
- Front
- Back
|
The change management procedure most likely to cause concern to the INFOSEC manager is when.
A. Fallback processes are tested the weekend immediately prior to when the changes are made. B. Manual process is used by operations for comparing program versions. C. Users are notified vial electronic mail of major scheduled system changes. D. Development managers have final authority for releasing new programs into production. |
D. Development managers have final authority for releasing new programs into production.
|
|
|
Which of the following would indicate that an automated production scheduling system has inadequate security controls?
A. Control statements are frequently changed to point to test libraries. B. Failure of a process will automatically initiate the resetting of parameters. C. Developers have read access to both production and test schedules. D. Scheduling personnel have the ability to initiate an emergency override. |
A. Control statements are frequently changed to point to test libraries.
|
|
|
When a trading partner who has access to the corporate internal network refuses to follow corporate security policies, the INFOSEC Mgr. should initiate the following?
A. Revoke their access. B. Provide minimal access. C. Send a breach of contract letter. D. Contact the partner's external auditors. |
B. Provide minimal access.
|
|
|
Which of the following is most important in writing good information security policies?
A. Easy to read and understand. B. Allows for flexible interpretation. C. Describes technical vulnerability issues D. Changes whenever operating systems are upgraded. |
A. Easy to read and understand.
|
