Several months after the installation of a new firewall with intrusion prevention features to block malicious activity, a breach was discovered that came in through the firewall shortly after installation. This breach could have been detected earlier by implementing firewall:
Which of the following is the MOST important benefit of using a cloud access security broker when migrating to a cloud environment?
Which of the following BEST determines the data retention strategy and subsequent policy for an organization?
An organization has purchased an Internet sales company to extend the sales department. The information security manager ' s FIRST step to ensure the security policy framework encompasses the new business model is to:
For the information security manager, integrating the various assurance functions of an organization is important PRIMARILY to enable:
Which of the following is MOST important to include in monthly information security reports to the board?
An information security manager is updating the organization ' s incident response plan. Which of the following is the BEST way to validate that the process and procedures provided by IT and business units are complete, accurate, and known by all responsible teams?
Which or the following is MOST important to consider when determining backup frequency?
An organization ' s information security manager is performing a post-incident review of a security incident in which the following events occurred:
• A bad actor broke into a business-critical FTP server by brute forcing an administrative password
• The third-party service provider hosting the server sent an automated alert message to the help desk, but was ignored
• The bad actor could not access the administrator console, but was exposed to encrypted data transferred to the server
• After three hours, the bad actor deleted the FTP directory, causing incoming FTP attempts by legitimate customers to fail
Which of the following could have been prevented by conducting regular incident response testing?
Which of the following is the MOST important requirement for a successful security program?
Which of the following defines the triggers within a business continuity plan (BCP)? @
After a server has been attacked, which of the following is the BEST course of action?
When updating the information security policy to accommodate a new regulation, the information security manager should FIRST:
Which of the following should be the FIRST step in developing an information security strategy?
Which of the following provides the MOST comprehensive insight into ongoing threats facing an organization?
Which of the following is the MOST important detail to capture in an organization ' s risk register?
Which of the following is the MOST important reason for an organization to communicate to affected parties that a security incident has occurred?
Which of the following should be the PRIMARY basis for determining the value of assets?
A security incident has been reported within an organization. When should an information security manager contact the information owner?