Solved by verified expert :1.
Which of the following is
NOT something that a statement of authority tries to do?
A.
Explain the organization’s
reason for writing the documents
B.
Recruit readers and show what
is expected of them as employees
C.
Define what employees are
expected to do in order to comply with the policies
D.
Describe regulatory compliance
responsibilities that the company has
2.
Which of the following
documents is likely to change most often?
A.
Guidelines, because new
improved best practices continually emerge
B.
Standards, because they are
specific to the technology platform in use
C.
Procedures, because they are so
detailed
D.
Policies, because they reflect
core values
3.
Which of the following most
likely be in the policy exceptions part of a company’s policy that prohibits
the use of modems?
A.
All requests for modems must be
approved by the Information Security department prior to installation
B.
A modem inventory form must be sent
to the Information Security department immediately following the installation
of all new modems
C.
Only Bell 202C modems may be
installed
D.
No modems whatsoever may be
installed
4.
Which of the following is
MOST likely to reflect the policy audience for a corporate ethics policy at
Acme Manufacturing?
A.
All Acme Manufacturing
employees, and all vendors and service providers
B.
All full- and part-time
employees of Acme Manufacturing and its subsidiaries
C.
The Acme Manufacturing Board of
Directors
D.
The Finance, Human Resources,
and Marketing departments of Acme Manufacturing
5.
Which of the following is
contained in the policy statement?
A.
The rules for implementing the
policy
B.
The location of documents that
explain the reasoning behind the rules
C.
Sometimes the step-by-step
procedures required to perform the tasks defined in the policy
D.
All of the above
6.
If a new United States
federal information-sharing law is adopted, which of the following best
represents a related information security policy statement of purpose?
A.
Uphold the U.S. Constitution
B.
Ensure compliance with federal
law
C.
Prevent personal information
from being used for identity theft
D.
Maintain individuals’ right to
privacy, as granted under the U.S. Constitution
7.
If a new United States
federal information-sharing law is adopted, which of the following best
represents a related information security policy objective?
A.
Ensure compliance with federal
law
B.
Obtain prior written approval
from all individuals whose personal data is to be shared
C.
Maintain individuals’ right to
privacy, as granted under the U.S. Constitution
D.
Prevent personal information
from being used for identity theft
8.
Which of the following best
describes the sequence of action steps posted on the front of an automated
teller machine (ATM) at a bank?
A.
Standards
B.
Procedures
C.
Guidelines
D.
Policies
9.
Which of the following best
describes Guidelines?
A.
Demands
B.
Suggestions
C.
Questions
D.
Statements
10.
If a policy refers the
reader to another section for clarification of any instance of non-standard
language, that other section would best be called which of the following?
A.
Policy Definitions
B.
Policy Header
C.
Policy Enforcement Clause
D.
Policy Exceptions
