The MOST effective tools for responding to new and advanced attacks are those that detect attacks based on:
Which of the following is MOST important to include in an incident response plan to ensure incidents are responded to by the appropriate individuals?
Which of the following is the MOST important security consideration when developing an incident response strategy with a cloud provider?
Which of the following is MOST useful to an information security manager when reporting the performance of the information security program to senior management?
Which of the following is MOST important to include in an information security policy?
An organization has implemented controls to mitigate risks resulting from identified vulnerabilities in an application. Which of the following is the BEST way to verify all weaknesses have been addressed?
Which of the following is the PRIMARY role of the information security manager in application development?
Which of the following is the MOST important consideration when defining a recovery strategy in a business continuity plan (BCP)?
The MOST important reason for an organization to establish a social media policy is to:
Which of the following should review and approve the objectives within an organization’s information security framework?
An organization has introduced a new bring your own device (BYOD) program. The security manager has determined that a small number of employees are utilizing free cloud storage services to store company data through their mobile devices. Which of the following is the MOST effective course of action?
What is the BEST way to inform senior management of the value of information security?
An anomaly-based intrusion detection system (IDS) operates by gathering data on:
Which of the following is the BEST way to determine the gap between the present and desired state of an information security program?
Which of the following is the BEST way to ensure data is not co-mingled or exposed when using a cloud service provider?
An organization is selecting security metrics to measure security performance, and a firewall specialist suggests tracking the number of external attacks blocked by the firewalls. Which of the following is the GREATEST concern with using this metric?
Which of the following is the MOST important reason for obtaining input from risk owners when implementing controls?
Which of the following is the BEST way to contain an SQL injection attack that has been detected by a web application firewall?
An information security manager has confirmed the organization ' s cloud provider has unintentionally published some of the organization ' s business data. Which of the following should be done NEXT?