Which of the following BEST supports information security management in the event of organizational changes in security personnel?
Senior management recently approved a mobile access policy that conflicts with industry best practices. Which of the following is the information security manager ' s BEST course of action when developing security standards for mobile access to the organization ' s network?
Following a breach where the risk has been isolated and forensic processes have been performed, which of the following should be done NEXT?
Which of the following provides the BEST assurance that security policies are applied across business operations?
Which of the following should be the KEY consideration when creating an information security communication plan with industry peers?
Which of the following change management procedures is MOST likely to cause concern to the information security manager?
An organization has an ongoing security awareness training program. Employee participation has been decreasing over the year, while the number of malware and phishing incidents from email has been increasing. What is the information security manager ' s BEST course of action?
An organization that has recently suffered a cyberattack is considering engaging law enforcement. Which of the following is the MOST important course of action for the incident response team?
An organization is in the process of selecting a third party to process customer information. Which of the following provides the BEST evidence that the third party’s controls will operate as required?
Which of the following methods is the BEST way to demonstrate that an information security program provides appropriate coverage?
Which of the following BEST ensures information security governance is aligned with corporate governance?
Which of the following is MOST important when developing an information security strategy?
Which of the following is the PRIMARY benefit of implementing an information security governance framework?
Which of the following would BEST help to ensure appropriate security controls are built into software?
Which of the following should an organization do FIRST when confronted with the transfer of personal data across borders?
An organization is about to purchase a rival organization. The PRIMARY reason for performing information security due diligence prior to making the purchase is to:
Which of the following is BEST used to determine the maturity of an information security program?
Which of the following is the PRIMARY benefit of a vulnerability scanning tool to an organization?
The ULTIMATE responsibility for ensuring the objectives of an information security framework are being met belongs to: