EMT Practice Test

1. Question Content...


Question List

Question1: When deploying an Intrusion Prevention System (IPS) the BEST way to get maximum protection from the system is to deploy it

Question2: The exposure factor of a threat to your organization is defined by?

Question3: Which of the following is considered a project versus a managed process?

Question4: A recent audit has identified a few control exceptions and is recommending the implementation of technology and processes to address the finding. Which of the following is the MOST likely reason for the organization to reject the implementation of the recommended technology and processes?

Question5: Which of the following best describes the purpose of the International Organization for Standardization (ISO) 27002 standard?

Question6: Which of the following is the MOST effective method to counter phishing attacks?

Question7: A large number of accounts in a hardened system were suddenly compromised to an external party. Which of the following is the MOST probable threat actor involved in this incident?

Question8: Which is the BEST solution to monitor, measure, and report changes to critical data in a system?

Question9: As the CISO you need to write the IT security strategic plan. Which of the following is the MOST important to review before you start writing the plan?

Question10: An international organization is planning a project to implement encryption technologies to protect company confidential information. This organization has data centers on three continents. Which of the following would be considered a MAJOR constraint for the project?

Question11: When dealing with a risk management process, asset classification is important because it will impact the overall:

Question12: What is a Statement of Objectives (SOA)?

Question13: An organization's Information Security Policy is of MOST importance because

Question14: Which of the following backup sites takes the longest recovery time?

Question15: Your incident response plan should include which of the following?

Question16: A stakeholder is a person or group:

Question17: You are the CISO of a commercial social media organization. The leadership wants to rapidly create new methods of sharing customer data through creative linkages with mobile devices. You have voiced concern about privacy regulations but the velocity of the business is given priority. Which of the following BEST describes this organization?

Question18: Michael starts a new job and discovers that he has unnecessary access to a variety of systems. Which of the following best describes the problem he has encountered?

Question19: Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and dat a. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
Once supervisors and data owners have approved requests, information system administrators will implement

Question20: Which of the following has the GREATEST impact on the implementation of an information security governance model?

Question21: Human resource planning for security professionals in your organization is a:

Question22: Information security policies should be reviewed:

Question23: A bastion host should be placed:

Question24: At which point should the identity access management team be notified of the termination of an employee?

Question25: A CISO has recently joined an organization with a poorly implemented security program. The desire is to base the security program on a risk management approach. Which of the following is a foundational requirement in order to initiate this type of program?

Question26: When a critical vulnerability has been discovered on production systems and needs to be fixed immediately, what is the BEST approach for a CISO to mitigate the vulnerability under tight budget constraints?

Question27: An application vulnerability assessment has identified a security flaw in an application. This is a flaw that was previously identified and remediated on a prior release of the application. Which of the following is MOST likely the reason for this recurring issue?

Question28: Which of the following functions evaluates risk present in IT initiatives and/or systems when implementing an information security program?

Question29: Which of the following best describes a portfolio?

Question30: Which of the following provides an audit framework?

Question31: Which of the following is the BEST indicator of a successful project?

Question32: Which of the following would negatively impact a log analysis of a multinational organization?

Question33: A recommended method to document the respective roles of groups and individuals for a given process is to:

Question34: A system is designed to dynamically block offending Internet IP-addresses from requesting services from a secure website. This type of control is considered

Question35: Which of the following is considered one of the most frequent failures in project management?

Question36: Simon had all his systems administrators implement hardware and software firewalls to ensure network security. They implemented IDS/IPS systems throughout the network to check for and stop any unauthorized traffic that may attempt to enter. Although Simon and his administrators believed they were secure, a hacker group was able to get into the network and modify files hosted on the company's website. After searching through the firewall and server logs, no one could find how the attackers were able to get in. He decides that the entire network needs to be monitored for critical and essential file changes. This monitoring tool alerts administrators when a critical file is altered. What tool could Simon and his administrators implement to accomplish this?

Question37: What are the primary reasons for the development of a business case for a security project?

Question38: A security manager has created a risk program. Which of the following is a critical part of ensuring the program is successful?

Question39: Which of the following is the MOST important reason for performing assessments of the security portfolio?

Question40: Which type of physical security control scan a person's external features through a digital video camera before granting access to a restricted area?

Question41: Which of the following is the PRIMARY purpose of International Organization for Standardization (ISO) 27001?

Question42: In effort to save your company money which of the following methods of training results in the lowest cost for the organization?

Question43: What is a difference from the list below between quantitative and qualitative Risk Assessment?

Question44: Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?

Question45: When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?

Question46: A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?

Question47: Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?

Question48: The total cost of security controls should:

Question49: An organization is looking for a framework to measure the efficiency and effectiveness of their Information Security Management System. Which of the following international standards can BEST assist this organization?

Question50: Which of the following information may be found in table top exercises for incident response?

Question51: When evaluating a Managed Security Services Provider (MSSP), which service(s) is/are most important:

Question52: When performing a forensic investigation, what are the two MOST common data sources for obtaining evidence from a computer and mobile devices?

Question53: Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.
Which of the following frameworks and standards will BEST fit the organization as a baseline for their security program?

Question54: What is the primary reason for performing a return on investment analysis?

Question55: The alerting, monitoring, and lifecycle management of security-related events are typically managed by the:

Question56: Who is responsible for securing networks during a security incident?

Question57: A system was hardened at the Operating System level and placed into the production environment. Months later an audit was performed and it identified insecure configuration different from the original hardened state. Which of the following security issues is the MOST likely reason leading to the audit findings?

Question58: When analyzing and forecasting an operating expense budget what are not included?

Question59: Which level of data destruction applies logical techniques to sanitize data in all user-addressable storage locations?

Question60: A Security Operations Centre (SOC) manager is informed that a database containing highly sensitive corporate strategy information is under attack. Information has been stolen and the database server was disconnected. Who must be informed of this incident?

Question61: To get an Information Security project back on schedule, which of the following will provide the MOST help?

Question62: The PRIMARY objective of security awareness is to:

Question63: A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?

Question64: When a CISO considers delaying or not remediating system vulnerabilities which of the following are MOST important to take into account?

Question65: Regulatory requirements typically force organizations to implement

Question66: Which of the following is MOST important when dealing with an Information Security Steering committee:

Question67: When reviewing a Solution as a Service (SaaS) provider's security health and posture, which key document should you review?

Question68: The framework that helps to define a minimum standard of protection that business stakeholders must attempt to achieve is referred to as a standard of:

Question69: An information security department is required to remediate system vulnerabilities when they are discovered. Please select the three primary remediation methods that can be used on an affected system.

Question70: Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18 members, 5 of which are assigned to testing. Due to recent recommendations by an organizational quality audit team, the project manager is convinced to add a quality professional to lead to test team at additional cost to the project.
The project manager is aware of the importance of communication for the success of the project and takes the step of introducing additional communication channels, making it more complex, in order to assure quality levels of the project. What will be the first project management document that Smith should change in order to accommodate additional communication channels?

Question71: An organization has a stated requirement to block certain traffic on networks. The implementation of controls will disrupt a manufacturing process and cause unacceptable delays, resulting in sever revenue disruptions. Which of the following is MOST likely to be responsible for accepting the risk until mitigating controls can be implemented?

Question72: Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.
Which of the following would be the FIRST step when addressing Information Security formally and consistently in this organization?

Question73: Step-by-step procedures to regain normalcy in the event of a major earthquake is PRIMARILY covered by which of the following plans?

Question74: A newly-hired CISO needs to understand the organization's financial management standards for business units and operations. Which of the following would be the best source of this information?

Question75: From an information security perspective, information that no longer supports the main purpose of the business should be:

Question76: A security officer wants to implement a vulnerability scanning program. The officer is uncertain of the state of vulnerability resiliency within the organization's large IT infrastructure. What would be the BEST approach to minimize scan data output while retaining a realistic view of system vulnerability?

Question77: Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and dat a. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
What type of control is being implemented by supervisors and data owners?

Question78: Which of the following is considered the foundation for the Enterprise Information Security Architecture (EISA)?

Question79: Which of the following represents the BEST method of ensuring security program alignment to business needs?

Question80: Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization's products and services?

Question81: Which of the following functions MUST your Information Security Governance program include for formal organizational reporting?

Question82: Optical biometric recognition such as retina scanning provides access to facilities through reading the unique characteristics of a person's eye.
However, authorization failures can occur with individuals who have?

Question83: Which of the following is considered the MOST effective tool against social engineering?

Question84: You have recently drafted a revised information security policy. From whom should you seek endorsement in order to have the GREATEST chance for adoption and implementation throughout the entire organization?

Question85: According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?

Question86: Who is responsible for verifying that audit directives are implemented?

Question87: A missing/ineffective security control is identified. Which of the following should be the NEXT step?

Question88: During the 3rd quarter of a budget cycle, the CISO noticed she spent more than was originally planned in her annual budget. What is the condition of her current budgetary posture?

Question89: Which of the following are primary concerns for management with regard to assessing internal control objectives?

Question90: The process for identifying, collecting, and producing digital information in support of legal proceedings is called

Question91: The process to evaluate the technical and non-technical security controls of an IT system to validate that a given design and implementation meet a specific set of security requirements is called

Question92: The organization does not have the time to remediate the vulnerability; however it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

Question93: In order for a CISO to have true situational awareness there is a need to deploy technology that can give a real-time view of security events across the enterprise. Which tool selection represents the BEST choice to achieve situational awareness?

Question94: When updating the security strategic planning document what two items must be included?

Question95: A company wants to fill a Chief Information Security Officer position. Which of the following qualifications and experience would be MOST desirable in a candidate?

Question96: Which of the following information would MOST likely be reported at the board-level within an organization?

Question97: When managing a project, the MOST important activity in managing the expectations of stakeholders is:

Question98: The Annualized Loss Expectancy (Before) minus Annualized Loss Expectancy (After) minus Annual Safeguard Cost is the formula for determining:

Question99: Scenario: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
After determining the audit findings are accurate, which of the following is the MOST logical next activity?

Question100: The primary responsibility for assigning entitlements to a network share lies with which role?

Question101: Scenario: As you begin to develop the program for your organization, you assess the corporate culture and determine that there is a pervasive opinion that the security program only slows things down and limits the performance of the "real workers." Which group of people should be consulted when developing your security program?

Question102: Which of the following provides an independent assessment of a vendor's internal security controls and overall posture?

Question103: You have been promoted to the CISO of a retail store. Which of the following compliance standards is the MOST important to the organization?

Question104: What are the three hierarchically related aspects of strategic planning and in which order should they be done?

Question105: Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?

Question106: Which of the following is true regarding expenditures?

Question107: The single most important consideration to make when developing your security program, policies, and processes is:

Question108: SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product it is not as scalable as originally thought and will not fit the organization's needs.
The CISO discovers the scalability issue will only impact a small number of network segments. What is the next logical step to ensure the proper application of risk management methodology within the two-facto implementation project?

Question109: Which of the following activities results in change requests?

Question110: A CISO implements smart cards for credential management, and as a result has reduced costs associated with help desk operations supporting password resets. This demonstrates which of the following principles?

Question111: What are the common data hiding techniques used by criminals?

Question112: File Integrity Monitoring (FIM) is considered a

Question113: When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?

Question114: One of the MAIN goals of a Business Continuity Plan is to

Question115: Why is it vitally important that senior management endorse a security policy?

Question116: If your organization operates under a model of "assumption of breach", you should:

Question117: Information Security is often considered an excessive, after-the-fact cost when a project or initiative is completed. What can be done to ensure that security is addressed cost effectively?

Question118: When gathering security requirements for an automated business process improvement program, which of the following is MOST important?

Question119: Acme Inc. has engaged a third party vendor to provide 99.999% up-time for their online web presence and had them contractually agree to this service level agreement. What type of risk tolerance is Acme exhibiting? (choose the BEST answer):

Question120: Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.
Your defenses did not hold up to the test as originally thought. As you investigate how the data was compromised through log analysis you discover that a hardworking, but misguided business intelligence analyst posted the data to an obfuscated URL on a popular cloud storage service so they could work on it from home during their off-time. Which technology or solution could you deploy to prevent employees from removing corporate data from your network? Choose the BEST answer.

Question121: Who should be involved in the development of an internal campaign to address email phishing?

Question122: The Information Security Management program MUST protect:

Question123: When operating under severe budget constraints a CISO will have to be creative to maintain a strong security organization. Which example below is the MOST creative way to maintain a strong security posture during these difficult times?

Question124: Which of the following conditions would be the MOST probable reason for a security project to be rejected by the executive board of an organization?

Question125: Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.
Symmetric encryption in general is preferable to asymmetric encryption when:

Question126: You have been hired as the Information System Security Officer (ISSO) for a US federal government agency. Your role is to ensure the security posture of the system is maintained. One of your tasks is to develop and maintain the system security plan (SSP) and supporting documentation.
Which of the following is NOT documented in the SSP?

Question127: The amount of risk an organization is willing to accept in pursuit of its mission is known as

Question128: What are the three stages of an identity and access management system?

Question129: Which of the following is the MOST logical method of deploying security controls within an organization?

Question130: Which of the following is of MOST importance when security leaders of an organization are required to align security to influence the culture of an organization?

Question131: Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?

Question132: Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?

Question133: Scenario: You are the CISO and have just completed your first risk assessment for your organization. You find many risks with no security controls, and some risks with inadequate controls. You assign work to your staff to create or adjust existing security controls to ensure they are adequate for risk mitigation needs.
When adjusting the controls to mitigate the risks, how often should the CISO perform an audit to verify the controls?

Question134: A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?

Question135: Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.
Which of the following is the reason the CISO has not been able to advance the security agenda in this organization?

Question136: The FIRST step in establishing a security governance program is to?

Question137: SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product it is not as scalable as originally thought and will not fit the organization's needs.
The CISO is unsure of the information provided and orders a vendor proof of concept to validate the system's scalability. This demonstrates which of the following?

Question138: What is the primary reason for performing vendor management?

Question139: Which of the following international standards can be BEST used to define a Risk Management process in an organization?

Question140: You have implemented a new security control. Which of the following risk strategy options have you engaged in?

Question141: Dataflow diagrams are used by IT auditors to:

Question142: Your penetration testing team installs an in-line hardware key logger onto one of your network machines. Which of the following is of major concern to the security organization?

Question143: Which of the following is critical in creating a security program aligned with an organization's goals?

Question144: A university recently hired a CISO. One of the first tasks is to develop a continuity of operations plan (COOP).
In developing the business impact assessment (BIA), which of the following MOST closely relate to the data backup and restoral?

Question145: What is meant by password aging?

Question146: You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the

Question147: Which of the following will be MOST helpful for getting an Information Security project that is behind schedule back on schedule?

Question148: Risk is defined as:

Question149: Which of the following is a symmetric encryption algorithm?

Question150: A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat. This is an example of:

Question151: The new CISO was informed of all the Information Security projects that the organization has in progress. Two projects are over a year behind schedule and over budget. Using best business practices for project management you determine that the project correctly aligns with the company goals.
Which of the following needs to be performed NEXT?

Question152: Which of the following is the MOST effective way to measure the effectiveness of security controls on a perimeter network?

Question153: When is an application security development project complete?

Question154: The executive board has requested that the CISO of an organization define and Key Performance Indicators (KPI) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?

Question155: SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
The CISO has validated audit findings, determined if compensating controls exist, and started initial remediation planning. Which of the following is the MOST logical next step?

Question156: What is the main purpose of the Incident Response Team?

Question157: A CISO wants to change the defense strategy to ward off attackers. To accomplish this the CISO is looking to a strategy where attackers are lured into a zone of a safe network where attackers can be monitored, controlled, quarantined, or eradicated.

Question158: Your IT auditor is reviewing significant events from the previous year and has identified some procedural oversights. Which of the following would be the MOST concerning?

Question159: Scenario: You are the CISO and have just completed your first risk assessment for your organization. You find many risks with no security controls, and some risks with inadequate controls. You assign work to your staff to create or adjust existing security controls to ensure they are adequate for risk mitigation needs.
When formulating the remediation plan, what is a required input?

Question160: The process of creating a system which divides documents based on their security level to manage access to private data is known as

Question161: What is the relationship between information protection and regulatory compliance?

Question162: When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?

Question163: Which of the following are necessary to formulate responses to external audit findings?

Question164: The general ledger setup function in an enterprise resource package allows for setting accounting periods. Access to this function has been permitted to users in finance, the shipping department, and production scheduling. What is the most likely reason for such broad access?

Question165: A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?

Question166: A Chief Information Security Officer received a list of high, medium, and low impact audit findings. Which of the following represents the BEST course of action?

Question167: Which of the following is a term related to risk management that represents the estimated frequency at which a threat is expected to transpire?

Question168: Risk that remains after risk mitigation is known as

Question169: When dealing with Security Incident Response procedures, which of the following steps come FIRST when reacting to an incident?

Question170: Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?

Question171: When considering using a vendor to help support your security devices remotely, what is the BEST choice for allowing access?

Question172: The ability to demand the implementation and management of security controls on third parties providing services to an organization is

Question173: As the Risk Manager of an organization, you are task with managing vendor risk assessments. During the assessment, you identified that the vendor is engaged with high profiled clients, and bad publicity can jeopardize your own brand.
Which is the BEST type of risk that defines this event?

Question174: Scenario: The new CISO was informed of all the Information Security projects that the section has in progress. Two projects are over a year behind schedule and way over budget.
Using the best business practices for project management, you determine that the project correctly aligns with the organization goals. What should be verified next?

Question175: Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.
From an Information Security Leadership perspective, which of the following is a MAJOR concern about the CISO's approach to security?

Question176: When creating contractual agreements and procurement processes why should security requirements be included?

Question177: The rate of change in technology increases the importance of:

Question178: SCENARIO: Critical servers show signs of erratic behavior within your organization's intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.
During initial investigation, the team suspects criminal activity but cannot initially prove or disprove illegal actions. What is the MOST critical aspect of the team's activities?

Question179: John is the project manager for a large project in his organization. A new change request has been proposed that will affect several areas of the project. One area of the project change impact is on work that a vendor has already completed. The vendor is refusing to make the changes as they've already completed the project work they were contracted to do. What can John do in this instance?

Question180: Your incident handling manager detects a virus attack in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the incident handling process will utilize the signature to resolve this incident?

Question181: The primary purpose of a risk register is to:

Question182: What type of attack requires the least amount of technical equipment and has the highest success rate?

Question183: Scenario: Most industries require compliance with multiple government regulations and/or industry standards to meet data protection and privacy mandates.
When multiple regulations or standards apply to your industry you should set controls to meet the:

Question184: A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization's need?

Question185: The ability to hold intruders accountable in a court of law is important. Which of the following activities are needed to ensure the highest possibility for successful prosecution?

Question186: Which of the following are not stakeholders of IT security projects?

Question187: When you develop your audit remediation plan what is the MOST important criteria?

Question188: How often should the SSAE16 report of your vendors be reviewed?

Question189: What is the MOST critical output of the incident response process?

Question190: SCENARIO: Critical servers show signs of erratic behavior within your organization's intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.
In what phase of the response will the team extract information from the affected systems without altering original data?

Question191: During the last decade, what trend has caused the MOST serious issues in relation to physical security?

Question192: Which of the following activities is the MAIN purpose of the risk assessment process?

Question193: Ensuring that the actions of a set of people, applications and systems follow the organization's rules is BEST described as:

Question194: Which of the following is the MOST important benefit of an effective security governance process?

Question195: An IT auditor has recently discovered that because of a shortage of skilled operations personnel, the security administrator has agreed to work one late night shift a week as the senior computer operator. The most appropriate course of action for the IT auditor is to:

Question196: An organization's firewall technology needs replaced. A specific technology has been selected that is less costly than others and lacking in some important capabilities. The security officer has voiced concerns about sensitive data breaches but the decision is made to purchase. What does this selection indicate?

Question197: Within an organization's vulnerability management program, who has the responsibility to implement remediation actions?

Question198: A customer of a bank has placed a dispute on a payment for a credit card account. The banking system uses digital signatures to safeguard the integrity of their transactions. The bank claims that the system shows proof that the customer in fact made the payment. What is this system capability commonly known as?

Question199: Which of the following best describes revenue?

Question200: Which represents PROPER separation of duties in the corporate environment?

Question201: Developing effective security controls is a balance between:

Question202: The mean time to patch, number of virus outbreaks prevented, and number of vulnerabilities mitigated are examples of what type of performance metrics?

Question203: Which of the following is the MOST important to share with an Information Security Steering Committee:

Question204: As the new CISO at the company you are reviewing the audit reporting process and notice that it includes only detailed technical diagrams. What else should be in the reporting process?

Question205: When selecting a security solution with reoccurring maintenance costs after the first year, the CISO should: (choose the BEST answer)