(Solution Document) Question 1 Employee behavior in an organization is: usually far from optimal. prone to create secure work environments. not subject to policies and...

Question 1

Employee behavior in an organization is:

1. usually far from optimal.
2. prone to create secure work environments.
3. not subject to policies and guidance.
4. similar to machines.

Question 2

Which of the following statements is true regarding organizational policy and security awareness training?

1. Employee attitudes toward security awareness training can range from indifferent to eager.
2. Employees' willingness to work and learn is universal across different organizations.
3. Employees' adherence to security policy is solely dependent upon the organization's structure.
4. You can only create an organizational policy framework to define policies in flat organizations.

Question 3

Executive management, IT security policy enforcement monitoring, and human resources, all must have a unified front regarding the:

1. size and structure of the organization.
2. management structure and advancement opportunities.
3. issuance of executive orders within the organization.
4. disciplinary treatment of policy violations.

Question 4

Which of the following areas of the organization is responsible for establishing the policy commitment and implementation for the entire organization?

1. Executive Management
2. Supervisory-Level Management
3. Human Resources
4. IT Security Policy Enforcement Monitoring

Question 5

Which of the following areas of the organization conducts system logging, content filtering logging, and e-mail filtering logging with automated reporting for monthly or quarterly policy compliance reviews?

1. Executive Management
2. Supervisory-Level Management
3. Human Resources
4. IT Security Policy Enforcement Monitoring

Question 6

Which of the following areas of the organization is responsible for ensuring that employees, contractors, and consultants conform to all organizational policies?

1. Executive Management
2. Supervisory-Level Management
3. Human Resources
4. IT Security Policy Enforcement Monitoring