Test Bank for Developing Cybersecurity Programs and Policies, 3rd Edition

Preview Extract
Developing Cybersecurity Programs and Policies (Santos) Chapter 2 Cybersecurity Policy Organization, Format, and Styles 1) Which of the following is not an example of a standard? A) Passwords must include at least one special character. B) Passwords must not include repeating characters. C) Pass phrases make good passwords. D) Passwords must not include the userโ€™s name. Answer: C 2) Which of the following version numbers is an example of a major policy revision? A) 3.5 B) 4.0 C) 4.1 D) 5.1 Answer: B 3) Which of the following version numbers would indicate a minor revision? A) IV B) 2.0 C) 2.1 D) 3.0 Answer: C 4) Where is the policy introduction located in a consolidated policy document? A) In a separate document B) Before the version control table C) At the beginning of the document D) After the version control table Answer: D 5) What is the purpose of the administrative notations section of a policy? A) To refer the reader to additional information B) To explain terms, abbreviations, and acronyms used in the policy C) To provide the policy version number D) To provide information about policy exceptions Answer: A 6) What is the purpose of the policy definition section? A) To provide information about policy exceptions B) To refer the reader to additional information C) To explain terms, abbreviations, and acronyms used in the policy D) To provide the policy version number Answer: C 1 Copyright ยฉ 2018 Pearson Education, Inc. 7) Which of the following statements about standards and guidelines is true? A) Standards are mandatory, whereas guidelines are not. B) Guidelines are mandatory, whereas standards are not. C) Both standards and guidelines are mandatory. D) Neither standards nor guidelines are mandatory. Answer: A 8) Which of the following procedure formats is best suited when there is a decision-making process associated with a task? A) Simple Step B) Flowchart C) Hierarchical D) Graphic Answer: B 9) Which of the following best describes a baseline? A) Specifications for implementation of a policy B) Instructions on how a policy is carried out C) Application of a standard to a specific category or grouping D) Teaching tools that help people conform to a policy Answer: C 10) Which of the following best describes a procedure? A) Application of a standard to a specific category or grouping B) Instructions on how a policy is carried out C) Teaching tools that help people conform to a policy D) Specifications for implementation of a policy Answer: B 11) Which of the following statements about policies and standards is true? A) Policies are mandatory, whereas standards are not. B) Standards are mandatory, whereas policies are not. C) Both policies and standards are mandatory. D) Neither policies nor standards are mandatory. Answer: C 12) Which of the following is the topmost object in the policy hierarchy? A) Standards B) Baselines C) Procedures D) Guiding Principles Answer: D 2 Copyright ยฉ 2018 Pearson Education, Inc. 13) Which of the following is one of the ten plain language techniques for policy writing? A) Use passive voice. B) Include redundant pairs or modifiers. C) Use long sentences. D) Limit a paragraph to one subject. Answer: D 14) Which of the following is not one of the plain language techniques for policy writing? A) Use active voice. B) Write short sentences. C) Use โ€œshallโ€ instead of โ€œmust.โ€ D) Avoid double negatives. Answer: C 15) What is the purpose of the policy exceptions section of a policy document? A) To acknowledge exclusions B) To track changes C) To convey intent D) To identify the topic Answer: A 16) Which of the following refers to the relationship between a policy and its supporting documents? A) Policy format B) Policy hierarchy C) Policy audience D) Policy objectives Answer: B 17) Which of the following identifies a policy by name and provides the reader with an overview of the policy topic or category? A) Policy heading B) Policy goal C) Policy objective D) Policy statement Answer: A 18) Which of the following is best thought of as a high-level directive or strategic roadmap? A) Policy objective B) Policy heading C) Policy statement D) Policy goal Answer: C 3 Copyright ยฉ 2018 Pearson Education, Inc. 19) A(n) __________ or waiver process is required for exceptions identified after a policy has been authorized. A) administrative notation B) policy statement C) policy definition D) exemption Answer: D 20) Where are the policy definitions located in a consolidated policy document? A) At the beginning of the document B) At the end of the document C) Just after the policy heading D) In a separate document Answer: B 4 Copyright ยฉ 2018 Pearson Education, Inc.

Document Preview (4 of 64 Pages)

User generated content is uploaded by users for the purposes of learning and should be used following SchloarOn's honor code & terms of service.
You are viewing preview pages of the document. Purchase to get full access instantly.

Shop by Category See All


Shopping Cart (0)

Your bag is empty

Don't miss out on great deals! Start shopping or Sign in to view products added.

Shop What's New Sign in