Business objectives and organizational risk appetite are MOST useful inputs to the development of information security:
An international organization with remote branches is implementing a corporate security policy for managing personally identifiable information (PII). Which of the following should be the information security manager ' s MAIN concern?
Security administration efforts will be greatly reduced following the deployment of which of the following techniques?
During the initiation phase of the system development life cycle (SDLC) for a software project, information security activities should address:
Which of the following establishes the minimum technical baseline for security controls?
The PRIMARY purpose of implementing information security governance metrics is to:
Which of the following is the BEST source of information to support an organization ' s information security vision and strategy?
Senior management wants to thoroughly test a disaster recovery plan (DRP) for a mission-critical system. Which of the following would provide the MOST reliable results?
Which of the following would BEST demonstrate the status of an organization ' s information security program to the board of directors?
Which of the following is the MOST effective approach to communicate general information security responsibilities across an organization?
Several critical systems have been compromised with malware. Which of the following is the BEST strategy to eradicate this incident?
The MOST important information for influencing management’s support of information security is:
Which of the following is the BEST option to lower the cost to implement application security controls?
Which of the following should occur FIRST in the process of managing security risk associated with the transfer of data from unsupported legacy systems to supported systems?
Which of the following Is MOST useful to an information security manager when conducting a post-incident review of an attack?
Information security needs to invest in new tools to align with a recently updated bring your own device (BYOD) policy that now includes wearable technologies. Which of the following would BEST demonstrate return on investment (ROI) in risk management when presenting to the strategy committee for review?
Which of the following is the MOST effective way to prevent information security incidents?
Which of the following is MOST important to have in place when conducting a security control assessment of a system?