What type of a response strategy is this?
Mary is the project manager of the HGH Project for her company. She and her project team
have agreed that if the vendor is late by more than ten days they will cancel the order and
hire the NBG Company to fulfill the order. The NBG Company can guarantee orders within
three days, but the costs of their products are significantly more expensive than the current
vendor. What type of a response strategy is this?
Which of the following is a standard that sets basic requirements for assessing the effectiveness of computer
Which of the following is a standard that sets basic requirements for assessing the
effectiveness of computer security controls built into a computer system?
Which of the following are among the eight areas of IA defined by DoD?
According to U.S. Department of Defense (DoD) Instruction 8500.2, there are eight
Information Assurance (IA) areas, and the controls are referred to as IA controls. Which of
the following are among the eight areas of IA defined by DoD? Each correct answer
represents a complete solution. Choose all that apply.
Which of the following is an Information Assurance (IA) model that protects…?
Which of the following is an Information Assurance (IA) model that protects and defends
information and information systems by ensuring their availability, integrity, authentication,
confidentiality, and non-repudiation?
Which risk response can you choose that will also cause you to update the human resource management plan?
You work as a project manager for BlueWell Inc. Your project is running late and you must
respond to the risk. Which risk response can you choose that will also cause you to update
the human resource management plan?
Which of the following FITSAF levels shows that the procedures and controls have been implemented?
FITSAF stands for Federal Information Technology Security Assessment Framework. It is a
methodology for assessing the security of information systems. Which of the following
FITSAF levels shows that the procedures and controls have been implemented?
Which of the following recovery plans includes specific strategies…?
Which of the following recovery plans includes specific strategies and actions to deal with
specific variances to assumptions resulting in a particular security problem, emergency, or
state of affairs?
What are the ISO 17799 domains?
ISO 17799 has two parts. The first part is an implementation guide with guidelines on how
to build a comprehensive information security infrastructure and the second part is an
auditing guide based on requirements that must be met for an organization to be deemed
compliant with ISO 17799. What are the ISO 17799 domains? Each correct answer
represents a complete solution. Choose all that apply.
What approach can Amy take to create a bias against risks that will affect the schedule of the project?
Amy is the project manager for her company. In her current project the organization has a
very low tolerance for risk events that will affect the project schedule. Management has
asked Amy to consider the affect of all the risks on the project schedule. What approach can
Amy take to create a bias against risks that will affect the schedule of the project?
What key thing will help Joan to discover risks within the review of the project documents?
Joan is a project management consultant and she has been hired by a firm to help them
identify risk events within the project. Joan would first like to examine the project documents
including the plans, assumptions lists, project files, and contracts. What key thing will help
Joan to discover risks within the review of the project documents?