Which of the following roles is accountable for ensuring the impact of a new regulatory framework on a business system is assessed?
Which of the following should be the MOST important consideration of business continuity management?
To ensure that a new application complies with information security policy, the BEST approach is to:
Which of the following would BEST enable a new information security manager to assess the current state of information security governance within the organization?
Which of the following will have the MOST negative impact on the effectiveness of incident response processes?
How would the information security program BEST support the adoption of emerging technologies?
An organization is MOST likely to accept the risk of noncompliance with a new regulatory requirement when:
An information security manager has identified that security risks are not being treated in a timely manner. Which of the following
Which of the following BEST enables an organization to identify and contain security incidents?
The PRIMARY advantage of performing black-box control tests as opposed to white-box control tests is that they:
An organization learns that a third party has outsourced critical functions to another external provider. Which of the following is the information security manager ' s MOST important course of action?
An organization has discovered that a server processing real-time visual data could be vulnerable to a lateral movement stage in a ransomware attack. Which of the following controls BEST mitigates this vulnerability?
Which of the following processes BEST supports the evaluation of incident response effectiveness?
Which of the following factors would have the MOST significant impact on an organization ' s information security governance mode?
Which of the following is the MOST important function of an information security steering committee?
Which of the following should be the MOST important consideration when reviewing an information security strategy?
Which of the following metrics would provide an accurate measure of an information security program ' s performance?
Which of the following BEST enables an organization to increase information security control effectiveness?
Which of the following is the MOST effective way to influence organizational culture to align with security guidelines?
Which of the following eradication methods is MOST appropriate when responding to an incident resulting in malware on an application server?