FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 5: Developing the Security Program

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 1

Multiple Choice

Review LaterAdd Note

Review Later

Which of the following is a disadvantage of the one-on-one training method?

A) Inflexible
B) May not be responsive to the needs of all the trainees
C) Content may not be customized to the needs of the organization
D) Resource intensive, to the point of being inefficient

E) None of the above
F) B) and D)

Correct Answer

verified

Show Answer

Question 2

True/False

Review LaterAdd Note

Review Later

A(n)large-sized organization typically spends about $300 per user on information security._________________________

A) True
B) False

Correct Answer

verified

Show Answer

Question 3

True/False

Review LaterAdd Note

Threats from insiders are more likely in a small organization than in a large one.

When users call an organization with problems with their computers,the network,or an Internet connection,they speak with the ____.

On-the-job training can result in substandard work performance while the trainee gets up to speed.

Security ____________________ involves providing members of the organization with detailed information and hands-on instruction to enable them to perform their duties securely.

A security ____________________ is the most cost-effective method of disseminating security information and news to employees.

An organization's ____________________ program refers to the structure and organization of the effort that strives to contain the risks to the information assets of the organization.

The three elements of a SETA program are security education,security training,and ____________________.

The distance learning method of training is in use when a single trainer works with multiple trainees in a formal setting._________________________

Small organizations spend an average of ____ of their IT budget on security.

The ____________________ function maintains awareness of planned and actual laws and their impact,and coordinates with outside legal council and law enforcement agencies.

In informing and preparing employees for their role in information security,security awareness provides the "what",training provides the "how" and education provides the "why"._________________________

An organization's size does not affect the structure of the organization's information security program.

The information security ____ is typically an expert in some aspect of information security,who is brought in when the organization makes the decision to outsource one or more aspects of its security program.

Training for management should be conducted in large groups.

Which of the following variables is the most influential in determining how to structure an information security program?

In the on-the-job method of training,a trainer works with each trainee on an individual basis._________________________

A medium-sized organization has ____.

A security technician is usually an entry-level position.