Test your knowledge of security policies management with these trivia questions. Scroll down to the bottom of the page for the correct answers. If you get them all correct, you can call yourself an Infosec Know IT All!
1.) This is an encapsulation of an information security policy in language that users can understand.
a. acceptable use policy
b. user accountability statement
c. policy-based management
d. user profile
e. full disclosure policy
2.) This outlines what is deemed appropriate activity on the corporate network or on a corporate-owned system.
a. user accountability statement
b. policy-based management
c. full disclosure policy
d. acceptable use policy
e. user profile
3.) Which definition best describes standards?
a. Standards are specific instructions for performing some function or action.
b. Standards define the process or rules to be used to support a policy, such as system-design models or specific software or methodologies.
c. Standards are mechanisms used to regulate the operations to meet policy measurements.
d. Standards are long-term, high-level management instructions on how the organization is to be run and generally are driven by legal concerns.
e. None of the above.
4.) What is the best way to disseminate policies?
a. Placing hard copies in as many places as possible throughout the office.
b. Giving each employee a hard copy when they begin employment.
c. E-mailing copies to department heads to further disseminate.
d. Posting them electronically with search capability, such as on the Web or an electronic database.
e. Keeping one copy available in the IT department for reference.
5.) True or False: A group security policy can and should include restrictions on changes that can be made to the Internet Explorer configuration.
What do you think of our trivia questions? Are they too easy? Too hard? Let me know.
3.) b. Standards define the process or rules to be used to support a policy, such as system-design models or specific software or methodologies.
For more information on security standards, visit our Best Web Links.
4.) d. Posting them electronically with search capability, such as on the Web or an electronic database.
For more information on disseminating policies, read this expert Q&A.
This was first published in December 2003