Quiz 7 - Information Security Policy Framework PDF
Document Details
Uploaded by ChasteFriendship
Nelson Mandela University
2024
s225224771-Majavu Ambesiwe
Tags
Summary
This is a quiz on information security policy framework. It covers questions related to compliance, procedures, and policies for information security. The quiz is part of the ITMG302 course at Nelson Mandela University.
Full Transcript
# ITMG302: IT Management and Governance ## Week 7: 28 Aug - Quiz 7 - Information Security Policy Framework ### **s225224771-Majavu Ambesiwe** - **Started on:** Monday, 9 September 2024, 3:00 PM - **State:** Finished - **Completed on:** Monday, 9 September 2024, 3:09 PM - **Time taken:** 9 mins 51...
# ITMG302: IT Management and Governance ## Week 7: 28 Aug - Quiz 7 - Information Security Policy Framework ### **s225224771-Majavu Ambesiwe** - **Started on:** Monday, 9 September 2024, 3:00 PM - **State:** Finished - **Completed on:** Monday, 9 September 2024, 3:09 PM - **Time taken:** 9 mins 51 secs - **Grade:** 8 out of 10 (80%) ## **Question 1** **What should all ISG-related documents contain?** - **Correct** - **Mark 1 out of 1** **Select one:** - a. Management Procedures and Policies - b. Best Practices guide - c. Administrative Policy - **d. Compliance Clause** **The correct answer is: Compliance Clause** ## **Question 2** **Every Sub-Policy has one or more ____ which specifies how its aspects must be implemented.** - **Correct** - **Mark 1 out of 1** **Select one:** - a. policies - b. laws - **c. procedures** - d. guides **The correct answer is: procedures** ## **Question 3** **Lack of commitment to policies and procedures should lead to...** - **Correct** - **Mark 1 out of 1** **Select one:** - a. Revision of policies - **b. Disciplinary action** - c. Promotion - d. More procedures **The correct answer is: Disciplinary action** ## **Question 4** **Information security policies should ideally lead onto an information security...** - **Correct** - **Mark 1 out of 1** **Select one:** - **a. Culture** - b. Architecture - c. Risk - d. Requirement **The correct answer is: Culture** ## **Question 5** **Every sub-policy rely on one or more procedures for its implementation. The Procedures focus on the ___ of the implementation.** - **Correct** - **Mark 1 out of 1** **Select one:** - a. What - **b. How** - c. Where - d. When **The correct answer is: How** ## **Question 6** **Which of the following documents flows from the Directive?** - **Incorrect** - **Mark 0 out of 1** **Select one:** - **a. Corporate Information Security Policy** - b. Board-initiated Directive - c. Set of Administrative and Operational Procedures - d. Set of Company Standards **The correct answer is: Corporate Information Security Policy** ## **Question 7** **The CISP must reference specific technologies and is subject to frequent changes or updates.** - **Correct** - **Mark 1 out of 1** **Select one:** - True - **False** **The correct answer is 'False'.** ## **Question 8** **Control 5.5.1 of ISO 27002 states that an Information Security Policy document must ____** - **Correct** - **Mark 1 out of 1** **Select one:** - **a. exist** - b. have been approved by middle management - c. must have been certified according to the law - d. none of the above **The correct answer is: exist** ## **Question 9** **____ is a high-level document providing a basis for all lower-level documents related to Information Security.** - **Correct** - **Mark 1 out of 1** **Select one:** - **a. Corporate Information Security Policy** - b. ISO 27001 - c. IT Security Plan - d. None of the above **The correct answer is: Corporate Information Security Policy** ## **Question 10** **Which of the following documents is based on the Corporate and Detailed Policies?** - **Incorrect** - **Mark 0 out of 1** **Select one:** - a. Corporate Information Security Policy - b. Board-initiated Directive - c. Set of Administrative and Operational Procedures - **d. Set of Company Standards** **The correct answer is: Set of Company Standards**