Which of the following BEST supports investments in an information security program?
Which of the following groups is MOST important to involve in the development of information security procedures?
An organization is planning to open a new office in another country. Sensitive data will be routinely sent between the two offices. What should be the information security manager’s FIRST course of action?
An information security team has started work to mitigate findings from a recent penetration test. Which of the following presents the GREATEST risk to the organization?
Application data integrity risk is MOST directly addressed by a design that includes:
An organization is in the process of acquiring a new company. Which of the following is the FIRST step to determine how to protect newly acquired data assets prior to integration?
Which of the following is the MOST appropriate action during the containment phase of a cyber incident response?
Which of the following would BEST guide the development and maintenance of an information security program?
Which of the following is the MOST important reason to involve external forensics experts in evidence collection when responding to a major security breach?
Regular vulnerability scanning on an organization ' s internal network has identified that many user workstations have unpatched versions of software. What is the BEST way for the information security manager to help senior management understand the related risk?
Which of the following is the BEST indicator of a successful intrusion into an organization ' s systems?
An information security manager has been notified that two senior executives have the ability to elevate their own privileges in the corporate accounting system, in violation of policy. What is the FIRST step to address this issue?
In a business proposal, a potential vendor promotes being certified for international security standards as a measure of its security capability.
Before relying on this certification, it is MOST important that the information security manager confirms that the:
Which of the following BEST supports the incident management process for attacks on an organization ' s supply chain?
In an organization that has an established social media policy, which of the following is the BEST way to reduce the risk associated with personally identifiable information disclosure?
Which of the following is the GREATEST value provided by a security information and event management (SIEM) system?
Due to specific application requirements, a project team has been granted administrative ponieon GR: is the PRIMARY reason for ensuring clearly defined roles and responsibilities are communicated to these users?
Which of the following will ensure confidentiality of content when accessing an email system over the Internet?
The PRIMARY purpose for continuous monitoring of security controls is to ensure: