A multinational organization is introducing a security governance framework. The information security manager ' s concern is that regional security practices differ. Which of the following should be evaluated FIRST?
Of the following, who is responsible for ensuring security controls are aligned with business objectives and regulatory requirements?
A department has reported that a security control is no longer effective. Which of the following is the information security manager ' s BEST course of action?
Which of the following is the BEST reason for delaying the application of a critical security patch?
When management changes the enterprise business strategy which of the following processes should be used to evaluate the existing information security controls as well as to select new information security controls?
To help users apply appropriate controls related to data privacy regulation, what is MOST important to communicate to the users?
The PRIMARY reason to create and externally store the disk hash value when performing forensic data acquisition from a hard disk is to:
An employee clicked on a malicious link in an email that resulted in compromising company data. What is the BEST way to mitigate this risk in the future?
Which of the following is the MOST important reason for logging firewall activity?
An organization experienced a loss of revenue during a recent disaster. Which of the following would BEST prepare the organization to recover?
Which of the following should be done FIRST to ensure information security is integrated into system development projects?
Which of the following would be the GREATEST obstacle to implementing incident notification and escalation processes in an organization with high turnover?
Which of the following BEST facilitates the effective execution of an incident response plan?
Which of the following should be the GREATEST concern for an information security manager when an annual audit reveals the organization ' s business continuity plan (BCP) has not been reviewed or updated in more than a year?
Which of the following has The GREATEST positive impact on The ability to execute a disaster recovery plan (DRP)?
Who is accountable for ensuring proper controls are in place to address the confidentiality and availability of an information system?
An information security manager developing an incident response plan MUST ensure it includes:
Which of the following should be done FIRST when a SIEM flags a potential event?