ASSIGNMENT 4 Textbook  Assignment:  “AIS  Security  (continued),”  chapter  4,  pages  4-13 through  4-26. 4-1. In which of the following 4-4. steps in planning an AIS security  program,  will  major problem areas be identified? 1. Perform action plans 2. Perform  preliminary planning 3. Perform  a  preliminary risk  analysis 4. Perform and document a 4-5. detailed  risk  analysis 4-2. Which of the following steps in planning an AIS security program  allows  for  review and approval? 1. Perform  action  plans 2. Perform   preliminary planning 3. Perform  a  preliminary 4-6. risk  analysis 4. Perform and document a detailed  risk  analysis 4-3. A  security  policy  statement should provide which of the following  information? 1. General  guidance  and assignment  of responsibilities 4-7. 2. General  guidance  and listing of responsibilities 3. Detailed  guidance  and assignment  of responsibilities 4. Detailed  guidance  and listing of responsibilities AS a  guideline  for  risk analysis,    which of the following  FIPS  publications should you use? 1. FIPS   PUB 47 2. FIPS PUB 53 3. FIPS PUB 65 4. FIPS PUB 79 The impact of a given threat may depend on all but which of the following factors? 1. Geographical   location 2. Local  environment 3. Perceived threat of vandals 4. Potential value of property to a thief Which of the following is a threat to an AIS facility? 1. Hardware  failure 2. Tampering with inputs, programs,  and  data 3. Accidents   causing nonavailability  of  key personnel 4. Each of the above It is recommended that the AIS  facility  upper management  begin  development of the security program with a/an 1. risk analysis 2. inventory  of  equipment 3. survey of data integrity 4. intensive  training program 31