CIS 462 All Assignments CIS 462 All Assignments | Page 11
(13) __________ is the ability to reasonably ensure conformity and adherence to both internal
and external policies, standards, procedures, laws, and regulations.
(14) What is included in an IT policy framework?
(15) Incident reporting, incident management, and user ID addition/removal are examples of
which of the following?
(16) Which of the following are written instructions on how to comply with standards?
(17) What is something you can measure against to demonstrate value, such as gauging if
you’ve reasonably covered risks in your organization?
(18) Which personality type tends to be best suited for delivering security awareness training?
(19) In Kotter’s change model, which step is generally part of informal discussions rather than
part of the formal implementation process?
(20) A primary reason why security policies often fail is ___________.
(21) Which of the following is not true of security policy enforcement?
(22) In Kotter’s change model, in which step does the ISO work with line management to collect
metrics for assessing the policies’ effectiveness and ensure metrics are meaningful?
(23) Which personality type tends to be associated with good leaders?
(24) The basic elements of motivation include pride, success, and __________.
(25) Disaster recovery and tape backups are examples of which type of security control?
(26) What is the primary role of a security policy evangelist?
(27) Before you begin security policy awareness training, what is the first step you should take
to help ensure success?
(28) Which of the following is not a security awareness training best practice?
(29) When publishing an internal security policy or standard, which role or department usually
gives final approval?
(30) One of the key factors of a successful implementation of an organization-wide security
policy
is _______________.