Please answer the six questions


Complete each section of the worksheet using the textbooks and course materials provided in Week 2.

 

 1.    The set of laws, rules, directives, and practices that regulate how an organization manages, protects, and distributes controlled information is called _______.

 

 2.    The security concept that states every user should be responsible for his or her own actions is called _______.

 

 3.    The individual who is responsible for deciding on the access rights to the information for various personnel is called an _______.

 

 4.    Physical, technical, and administrative controls used to protect information systems are called _______.

 

 5.    The probability that a particular threat will exploit a particular vulnerability of an information system is called _______.

 

 6.    An event, process, activity, or substance that has an adverse effect on organizational assets is called a _______.

 


Federal Information Security Management Act (FISMA) of 2002 Terminology Matching

 

Match the terminology with the correct definition by inserting the corresponding letter in the answer column.

 

 

|     | Terminology | Answer | Definitions |
|-----|-------------|--------|-------------|
| 7.  | Authorize   |        | A. Information systems and internal information are grouped based on impact. |
| 8.  | Supplement  |        | B. The step where an initial set of security controls for the information system is chosen and tailored to obtain a starting point for required controls. |
| 9.  | Monitor     |        | C. Assess the risk and local conditions, including the security requirements, specific threat information, and cost–benefit analysis to increase or decrease security controls. |
| 10. | Categorize  |        | D. Step where the original and supplement controls are put in writing. |
| 11. | Document    |        | E. Original and supplement controls are applied to the system. |
| 12. | Select      |        | F. Security controls are evaluated to see if they are implemented correctly and are operating as intended. |
| 13. | Assess      |        | G. Evaluation of risk to organizational operations, organizational assets, or individuals that leads to this action. |
| 14. | Implement   |        | H. Requires checking and assessing the selected security controls in the information system on a continuous basis. |
