EMT Practice Test

1. Question Content...


Question List

Question1: Reviewing security objectives and ensuring the integration of security across business units is PRIMARILY the focus of the:

Question2: Which of the following is an information security manager's BEST course of action when informed of decision to reduce funding for the information security program?

Question3: During the restoration of several servers, a critical process that services external customers was restored late due to a failure, resulting in lost revenue. Which of the following would have BEST helped to prevent this occurrence?

Question4: Which of the following statements indicates that a previously failing security program is becoming successful?

Question5: Which of the following is MOST important to consider when developing a disaster recovery plan?

Question6: When reporting to senior management on an information security vulnerability that could lead to a potential breach, what information is MOST likely to facilitate the decision-making process?

Question7: When the inherent risk of a business activity is lower than the acceptable risk level, the BEST course of action would be to:

Question8: Which of the following should be used to attain sustainable and continuous information security process improvement?

Question9: Which of the following BEST indicates that information security will be considered when new IT technologies are implemented across an organization?

Question10: The FIRST step in establishing an information security program is to:

Question11: An information security program should be established PRIMARILY on the basis of:

Question12: An organization is in the process of adopting a hybrid data infrastructure, transferring all non-core applications to cloud service providers and maintaining all core business functions in-house. The information security manager has determined a defense in depth strategy should be used. Which of the following BEST describes this strategy?

Question13: Which of the following metrics is MOST useful to demonstrate the effectiveness of an incident response plan?

Question14: An information security manager is asked to provide evidence that the organization is fulfilling its legal obligation to protect personal identifiable information (Pll). Which of the f<

Question15: Threat and vulnerability assessments are important PRIMARILY because they are:

Question16: Following a successful and well-publicized hacking incident, an organization alias plans to improve application security. Which of the following is a security project risk?

Question17: Which of the following would present the GREATEST need to revise information security poll'

Question18: Which of the following is the BEST approach to identify noncompliance issues with legal, regulatory, and contractual requirements?

Question19: Which of the following is MOST important for an information security manager to highlight when presenting the organization s security posture to an executive audience?

Question20: Which of the following should be the PRIMARY expectation of management when an organization introduces an information security governance framework?

Question21: When developing an information security governance framework, which of the following should be the FIRST activity?

Question22: Which of the following is the MOST important outcome of monitoring and reporting on information security processes?

Question23: Which of the following would provide senior management with the BEST information to better understand the organization's information security risk profile?

Question24: Which of the following is the MOST important consideration when developing an incident management program?

Question25: What should be the PRIMARY basis for establishing a recovery time objective (RTO) for a critical business application?

Question26: Which of the following is the PRIMARY purpose of conducting a business impact analysis (BIA)?

Question27: An organization wants to ensure its confidential data is isolated in a multi-tenanted environment at a well-known cloud service provider. Which of the following is the BEST way to ensure the data is adequately protected?

Question28: Information security governance is PRIMARILY a:

Question29: An information security manager is developing a new information security strategy. Which of the following functions would serve as the BEST resource to review the strategy and provide guidance for business alignment?

Question30: Which of the following BEST enables an effective escalation process within an incident response program?

Question31: A hacking group has posted an organization's employee data on social media. What should the information security manager do FIRST?

Question32: Which of the following is the MOST important step in risk ranking?

Question33: An organization has recently experienced unauthorized device access to its network. To proactively manage the problem and mitigate this risk, the BEST preventive control would be to:

Question34: When building a corporate-wide business continuity plan {BCP), it is discovered there are two separate lines of business systems that could be impacted by the same threat. Which of the following is the BEST method to determine the priority of system recovery in the event of a disaster?

Question35: An organization has implemented an enhanced password policy for business applications which requires significantly more business resource to support clients. The BEST approach to obtain the support of business management would be to:

Question36: Which of the following is the MOST effective method for categorizing system and data criticality during the risk assessment process?

Question37: Which of the following will BEST ensure that risk is evaluated on system level changes?

Question38: A financial institution's privacy department has requested the implementation of multi-factor authentication to comply with regulations for providing services over the Internet. Which of the following authentication schemes would BEST meet this compliance requirement?

Question39: An information security manager reads a media report of a new type of malware attack. Who should be notified FIRST"

Question40: An organization's IT department is undertaking a large virtualization project to reduce its physical server footprint. Which of the following should be the HIGHEST priority of the information security manager?

Question41: Knowing which of the following is MOST important when the information security manager is seeking senior management commitment?

Question42: An organization implemented a mandatory information security awareness training program a year ago. What is the BEST way to determine its effectiveness?

Question43: Which of the following is MOST critical for prioritizing actions in a business continuity plan (BCP)?

Question44: Which of the following is the BEST way to increase the visibility of information security within an organization's culture?

Question45: An information security manager has been alerted to a possible incident involving a breach at one of the organization's vendors. Which of the following should be done FIRST?

Question46: Recovery time objectives (RTOs) are an output of which of the following?

Question47: When determining an acceptable risk level, which of the following is the MOST important consideration?

Question48: Which of the following BEST demonstrates effective information security management within an organization?

Question49: After logging in to a web application, additional authentication is required at various application points. Which of the following is the PRIMARY reason for such an approach?

Question50: Which of the following enables compliance with a nonrepudiation policy requirement for electronic transactions?

Question51: When preparing a strategy for protection from SQL injection attacks, it is MOST important for the information security manager to involve:

Question52: Which of the following would present the GREATEST challenge to integrating information security governance into corporate governance?

Question53: Which of the following would be MOST important to consider when implementing security settings for a new system'

Question54: In addition to cost what is the BEST criteria for selecting countermeasures following a risk assessment?

Question55: Which of the following is the MOST effective way to mitigate the risk of confidential data leakage to unauthorized stakeholders?

Question56: Which of the following is BEST performed by the security department?

Question57: It is MOST important tot an information security manager to ensure that security risk assessments are performed:

Question58: Which of the following would BEST ensure that application security standards are in place?

Question59: Which of the following is MOST likely to reduce the effectiveness of a signature-based intrusion detection system (IDS)?

Question60: An organization has decided to implement a security information and event management (SIEM) system. It is MOST important for the organization to consider:

Question61: What should the information security manager do FIRST when end users express that new security controls are too restrictive?

Question62: Which of the following is the BEST way for an information security manager to justify continued investment in the information security program when the organization is facing significant budget cuts?

Question63: Which of the following is the FlRST step to promoting acceptable behavior with regard to information security throughout an organization?

Question64: An organization is considering a self-service solution for the deployment of virtualized development servers.
Which of the following should be information security manager's PRIMARY concern?

Question65: Which of the following is MOST useful to include in a report to senior management on a regular basis to demonstrate the effectiveness of the information security program?

Question66: Information security governance is PRIMARILY driven by which of the following?

Question67: Which of the following is MOST likely to increase end user security awareness in an organization?

Question68: Which of the following practices BEST supports the achievement of information security program objectives in the IT function?

Question69: Which of the following is MOST important to include in an information security strategy?

Question70: An organization planning to contract with a cloud service provider is concerned about the risk of account hijacking at login. What is MOST important for the organization in its security requirements to address this concern?

Question71: Which of the following is the GREATEST security threat when an organization allows remote access through a virtual private network (VPN)?

Question72: The integration of information security risk management processes within corporate risk management processes will MOST likely result in:

Question73: An organization wants to integrate information security into its human resource management processes. Which of the following should be the FWST step?

Question74: An organization has concerns regarding a potential advanced persistent threat (APT). To ensure that the risk associated with this threat is appropriately managed, what should be the organization 5 FIRST action?

Question75: Which of the following is the PRIMARY responsibility of an information security manager in an organization that is implementing the use of company-owned mobile devices in its operations?

Question76: When preventative controls to appropriately mitigate risk are not feasible, which of the following is the MOST important action for the information security manager to perform?

Question77: What should the information security manager recommend to support the development of a new web application that will allow retail customers to view inventory and order products?

Question78: The GREATEST benefit of choosing a private cloud over a public cloud would be:

Question79: Which of the following provides the MOST relevant evidence of incident response maturity?

Question80: After undertaking a security assessment of a production system, the information security manager is MOST likely to:

Question81: Which of the following is an example of a vulnerability?

Question82: An information security manager has identified and implemented mitigating controls according to industry best practices. Which of the following is the GREATEST risk associated with this approach?

Question83: Which of the ager to regularly report to senior management?

Question84: Which of the following is MOST critical to review when preparing to outsource a data repository to a cloud-based solution?

Question85: Which of the following would BEST detect malicious damage arising from an internal threat?

Question86: After assessing risk, the decision to treat the risk should be based PRIMARILY on:

Question87: What would be an information security manager's BEST course of action when notified that the implementation of some security controls is being delayed due to budget constraints?

Question88: What should be the information security manager s MOST important consideration when planning a disaster recovery test?

Question89: What is the MOST important role of an organization's data custodian in support of the information security function?

Question90: Which of the following is the PRIMARY objective of the incident management process?

Question91: For an organization with operations in different parts of the world, the BEST approach for ensuring that security policies do not conflict with local laws and regulations is to:

Question92: Which of the following is the PRIMARY reason to invoke continuity and recovery plans?

Question93: Several significant risks have been identified after a centralized risk register was compiled and prioritized. The information security manager s MOST important action is to:

Question94: Which of the following is the PRIMARY objective of a business impact analysis (BIA)?

Question95: Implementing a strong password policy is part of an organization s information security strategy for the year.
A business unit believes the strategy may adversely affect a client's adoption of a recently developed mobile application and has decided not to implement the policy. Which of the following is the information security manager s BEST course of action?

Question96: An organization is considering moving one its critical business application to a cloud hosting service. The cloud provider may not provider the same level of security for its application as the organization. Which of the following will provide the BEST information to help maintain the security posture?

Question97: Which of the following would MOST likely require a business continuity plan to be invoked'

Question98: The MOST important reason to use a centralized mechanism to identify information security incidents is to:

Question99: An incident was detected where customer records were altered without authorization. The GREATEST concern for forensic analysis would be that the log data:

Question100: Which of the following is MOST likely to be included in an enterprise information security policy?

Question101: An information security manager has researched several options for handling ongoing security concerns and will be presenting these solutions to business managers. Which of the following with BEST enable business managers to make an informed decision?

Question102: An organization has announced new initiatives to establish a big data platform and develop mobile apps. What is the FIRST step when defining new human resource requirements?

Question103: When information security management is receiving an increased number of false positive incident reports, which of the following is MOST important to review?

Question104: Labeling information according to its security classification:

Question105: An organization is planning to open a new office in another country. Sensitive data will be routinely sent between the two offices. What should be the information security manager s FIRST course of action?

Question106: An organization s senior management wants to allow employees to access an internal application using their personal mobile devices. Which of the following should be the information security managers FIRST course of action?

Question107: An information security manager is evaluating the key risk indicators (KRls) for an organization s information security program. Which of the following would be the information security manager s GREATEST concern?

Question108: For an organization with a large and complex IT infrastructure, which of the following elements of a disaster recovery hot site service will require the closest monitoring?

Question109: Risk reporting requirements should be PRIMARILY based on:

Question110: Following a highly sensitive data breach at a large company, all servers and workstations were patched. The information security manager s NEXT step should be to:

Question111: Which of the following would provide nonrepudiation of electronic transactions?

Question112: Which of the following is the MOST important characteristic of an effective security policy?

Question113: To ensure appropriate control of information processed in IT systems, security safeguards should be based PRIMARILY on:

Question114: Which of the following should be the FIRST course of action when it becomes apparent that the recovery time objective (RTO) will not be met during incident response

Question115: Which of the following is the MOST useful metric for determining how well firewall logs are being monitored?

Question116: A recent audit has identified that security controls required by the organization's policies have not been implemented for a particular application. What should the information security manager do NEXT to address this issue?

Question117: When selecting risk response options to manage risk, an information security manager's MAIN focus should be on reducing:

Question118: Which of the following is the GREATEST risk associated with the head of information security reporting to the chief information officer (CIO)?

Question119: Which of the following is the BEST reason for delaying the application of a critical security patch?

Question120: During a review to approve a penetration test plan, which of the following should be an information security managers PRIMARY concern?

Question121: The PRIMARY disadvantage of using a cold-site recovery facility is that it is:

Question122: Which of the following would be MOST helpful to reduce the amount of time needed by an incident response team to determine appropriate actions?

Question123: Which of the following should be the MOST important consideration when implementing an information security framework?

Question124: Which of the following is the MOST effective way to identify changes in an information security environment?

Question125: Which of the following BEST contributes to the successful management of security incidents?

Question126: Which of the following is the MOST important consideration when deciding whether to continue outsourcing to a managed security service provider?

Question127: Which of the following is the MOST challenging aspect of securing Internet of Things (loT) devices?

Question128: Which of the following will BEST help to ensure security is addressed when developing a custom application?

Question129: The PRIMARY purpose of a security information and event management (SIEM) system is to:

Question130: Which of the following is the information security manager's PRIMARY role in the information assets classification process?

Question131: Which of the following is the MOST important action when using a web application that has recognized vulnerabilities?

Question132: Which of the following is the PRIMARY benefit of using agentless endpoint security solutions?

Question133: What is the MOST effective way to ensure information security incidents will be managed effectively and in a timely manner?

Question134: Which of the following is MOST important to consider when determining asset valuation?

Question135: A newly hired information security manager discovers that the cleanup of accounts for terminated employees happens only once a year. Which of the following should be the information security manager's FIRST course of action?

Question136: The PRIMARY reason for classifying assets is to:

Question137: Which of the following is the MOST important reason for performing a risk analysis?

Question138: Which of the following would contribute MOST to employees' understanding of data handling responsibilities?

Question139: Which of the following is MOST critical to the successful implementation of information security within an organization?

Question140: Which of the following is MOST important to enable after completing action plan?

Question141: Which of the following is the PRIMARY benefit of using a tabletop method to conduct an incident response exercise?

Question142: The BEST defense against phishing attempts within an organization is:

Question143: The PRIMARY reason for implementing scenario-based training for incident response is to:

Question144: Which of the following is the MOST effective control to reduce the impact of ransomware attacks?

Question145: The MAIN reason for internal certification of web-based business applications is to ensure:

Question146: Which of the following is the MOST important factor to ensure information security is meeting the organization's objectives?

Question147: Which of the following would be MOST helpful to an information security manager tasked with enforcing enhanced password standards?

Question148: Which of the following is the MOST useful input for an information security manager when refreshing the organizations security strategy?

Question149: An employee is found to be using an external cloud storage service to share corporate information with a third-party consultant, which is against company policy. Which of the following should be the information security manager s FIRST course of action?

Question150: An information security manager learns users of an application are frequently using emergency elevated access privileges to process transactions Which of the following should be done FIRST?

Question151: Which of the following is the MOST effective data loss control when connecting a personally owned mobile device to the corporate email system?

Question152: Which of the following metrics is the BEST measure of the effectiveness of an information security program?

Question153: Authorization can BEST be accomplished by establishing:

Question154: Which of the following is the BEST way to improve the timely reporting of information security incidents?

Question155: Which of the following defines the triggers within a business continuity plan (BCP)?

Question156: Conducting a cost-benefit analysis for a security investment is important because it

Question157: Which of the following would be of GREATEST concern to an information security manager when evaluating a cloud service provider (CSP)?

Question158: Which of the following should be the PRIMARY input when defining the desired state of security within an organization?

Question159: Which of the following is the MOST relevant risk factor to an organization when employees use social media?

Question160: When trying to integrate information security across an organization, the MOST important goal for a governing body should be to ensure:

Question161: For proper escalation of events, it is MOST important for the information security manager to ensure:

Question162: A new mobile application is unable to adhere to the organization's authentication policy. Which of the following would be the information security manager's BEST course of action?

Question163: An organization is concerned with the risk of information leakage caused by incorrect use of personally owned smart devices by employees. What is the BEST way for the information security manager to mitigate the associated risk?

Question164: An organization us& a particular encryption protocol for externally facing web pages and key financial services. A security firm publicizes a critical security flaw in the encryp manager do FIRST?

Question165: Which of the following would BEST mitigate identified vulnerabilities in a timely manner?

Question166: Which of the following is an information security manager's BEST course of action to address a significant materialized risk that was not prevented by organizational controls?

Question167: Establishing which of the following is the BEST way of ensuring that the emergence of new risk is promptly identified?

Question168: Which of the following is the MOST important consideration when determining the approach for gaining organization-wide acceptance of an information security plan?

Question169: Which of the following should an incident response team do NEXT after validating an event is an incident?

Question170: Which of the following is PRIMARILY influenced by a business impact analysis (BIA)?

Question171: Which of the following is the PRIMARY driver of information security compliance?

Question172: Which of the following is the MOST important prerequisite to performing an information security risk assessment?

Question173: Which of the following sites is MOST appropriate in the case of a very short recovery time objective (RTO)?

Question174: Which of the following techniques is MOST useful when an incident response team needs to respond to external attacks on multiple corporate network devices?

Question175: The PRIMARY advantage of a network intrusion detection system (IDS) is that it can:

Question176: When developing a disaster recovery plan, which of the following would be MOST helpful in prioritizing the order in which systems should be recovered?

Question177: Which is MOST important to enable a timely response to a security breach?

Question178: Which of the following measures BEST indicates an improvement in the information security program to stakeholders?

Question179: A risk assessment report shows that phishing attacks are an emerging threat for an organization that supports online financial services. Which of the following is the information security manager's BEST course of action?

Question180: The BEST way to determine the current state of information security with regard to defined security objectives is by performing a:

Question181: Which of the following BEST supports the alignment of information security with business functions?

Question182: An organization is considering whether to allow employees to use personal computing devices for business purposes To BEST facilitate senior management's decision, the information security manager should:

Question183: Which of the following helps to ensure that the appropriate resources are applied in a timely manner after an incident has occurred?

Question184: Which of the following is BEST determined by using technical metrics?

Question185: After a security incident has been contained, which of the following should be done FIRST?

Question186: An information security manager is asked to provide a short presentation on the organization's current IT risk posture to the board of directors. Which of the following would be MOST effective To include in this presentation?

Question187: What should an information security team do FIRST when notified by the help desk that an employee's computer has been infected with ma I ware?

Question188: During which phase of an incident response process should corrective actions to the response procedure be considered and implemented?

Question189: An information security manager has been made aware that some employees are discussing confidential corporate business on social media sites. Which of the following is the BEST response to this situation?

Question190: Which of the following should be the PRIMARY consideration when developing a security governance framework for an enterprise?

Question191: An inexperienced information security manager is relying on its internal audit department to design and implement key security controls. Which of the following is the GREATEST risk?

Question192: Which of the following would be MOST useful in a report to senior management for evaluating changes in the organization's information security risk position?

Question193: Which of the following is MOST effective against system intrusions?

Question194: Which of the following would be an information security manager's BEST course of action upon learning a third-party cloud provider is not meeting information security with regard to data encryption?

Question195: Which of the following is MOST important for an information security manager to consider when developing a new information security policy?

Question196: Which of the following is MOST critical for the successful implementation of an information security strategy?

Question197: Which of the following should be done FIRST when selecting performance metrics to report on the vendor risk management process?

Question198: A multinational organization has developed a bring your own device (BYOD) policy that requires the installation of mobile device management (MDM) software on personally owned devices. Which of the following poses the GREATEST challenge for implementing the policy?

Question199: Which of the following BEST demonstrates the maturity of an information security monitoring program?

Question200: An information security manager determines there are a significant number of exceptions to a newly released industry-required security standard. Which of the following should be done NEXT?

Question201: Which of the following is MOST critical for an effective information security governance framework?

Question202: Which of the following is a MAIN security challenge when conducting a post-incident review related to bring your own device (BYOD) in a mature, diverse organization?

Question203: To ensure adequate disaster-preparedness among IT infrastructure personnel, it is MOST important to:

Question204: A security incident has resulted in a failure of the enterprise resource planning (ERP) system. While the incident is handled by the incident response team, the help desk is overrun by queries from department managers on the state of the ERP system. What is the MOST likely reason for this situation?

Question205: Which of the following BEST facilitates the development of a comprehensive information security policy?

Question206: Which of the following is the MOST effective method for assessing the effectiveness of a security awareness program?

Question207: Executive management is considering outsourcing all IT operations. Which of the following functions should remain internal?

Question208: Which of the following would BEST enhance firewall security?

Question209: After adopting an information security framework, an information security manager is working with senior management to change the organization-wide perception that information security is solely the responsibility of the information security department. To achieve this objective, what should be the information security manager's FIRST initiative?

Question210: Which of the following is the BEST way to demonstrate to senior management that organizational security practices comply with industry standards?

Question211: Which of the following BEST measures the effectiveness of an organization's information security strategy?

Question212: The PRIMARY reason an organization would require that users sign an acknowledgment of their system access responsibilities is to:

Question213: The effectiveness of security awareness programs in fostering positive security cultures is MOST dependent upon employee:

Question214: A risk management program will be MOST effective when:

Question215: The MAIN reason for an information security manager to monitor industry level changes in the business and FT is to:

Question216: When customer data has been compromised, an organization should contact law enforcement authorities:

Question217: Which of the following is the MOST important component of a risk profile?

Question218: It is suspected that key emails have been viewed by unauthorized parties. The email administrator conducted an investigation but it has not returned any information relating to the incident, and leaks are continuing.
Which of the following is the BEST recommended course of action to senior management?

Question219: A PRIMARY advantage of involving business management in evaluating and managing information security risks is that they:

Question220: Which of the following is the BEST way for an information security manager to identify compliance with information security policies within an organization?

Question221: Which of the following is the BKT approach for an information security manager when developing new information security policies?

Question222: The PRIMARY goal of conducting a business impact analysis (BIA) as part of an overall continuity planning process is to:

Question223: Which of the following is the GREATEST benefit of integrating a security information and event management (SIEM) solution with traditional security tools such as IDS, anti-malware. and email screening solutions?

Question224: A review of a number of recent XT system rollouts identified a failure to incorporate security within planning, development and implementation. Which of the following is the MOST effective way to prevent a recurrence for future systems?

Question225: The selection of security controls is PRIMARILY linked to:

Question226: When aligning an organization's information security program with other risk and control activities, it is MOST important to:

Question227: Which of the following is the MOST important function of information security?

Question228: Which of the following is the BEST indication of an effective information security program?

Question229: Which of the following is MOST important for an information security manager to include in a report to senior management following a post-incident review?

Question230: An application system stores customer confidential data and encryption is not practical. The BEST measure to protect against data disclosure is:

Question231: An executive's personal mobile device used for business purposes is reported lost. The information security manager should respond based on:

Question232: Which of the following BEST describes a buffer overflow?

Question233: Who is MOST important to include when establishing the response process for a significant security breach that would impact the IT infrastructure and cause customer data toss?

Question234: Following a recent acquisition, an information security manager has been requested to address the outstanding risk reported early in the acquisition process. Which of the following is the manager s BEST course of action?

Question235: What should be an information security manager's FIRST course of action upon learning of a security threat that has occurred in the industry for the first time?

Question236: Which of the following is the BEST approach for an information security manager to effectively manage third-party risk?

Question237: Which of the following would provide the BEST justification for a new information security investment?

Question238: Which of the following is a PRIMARY responsibility of an information security governance committee'

Question239: Which of the following is the KEY outcome of conducting a post-incident review?

Question240: Which of the following processes is the FIRST step in establishing an information security policy?

Question241: In a risk assessment after the identification of threats to organizational assets, the information security manager would:

Question242: An organization was forced to pay a ransom to regain access to a critical database that had been encrypted in a ransomware attack. What would have BEST prevented The need to make this ransom payment?

Question243: Which of the following is the PRIMARY reason for performing an analysis of the threat landscape on a regular basis?

Question244: Before final acceptance of residual risk, what is the BEST way for an information security manager to address risk factors determined to be lower than acceptable risk levels?

Question245: Which of the following will BEST provide an organization with ongoing assurance of the information security services provided by a cloud provider?

Question246: When establishing the trigger levels for an organization's key risk indicators (KRIs), the thresholds should be based PRIMARILY on the organization's:

Question247: To implement a security framework, an information security manager must FIRST develop:

Question248: Which of the following should be the MOST important criteria when defining data retention policies?

Question249: Which of the following is the BEST option for addressing regulations that will adversely affect the allocation of information security program resources?

Question250: Which of the following is MOST important for the effectiveness of an incident response function?

Question251: Which of the following would BEST justify spending for a compensating control?

Question252: Which of the following is the MOST critical security risk to consider for a start-up company in an emerging field?

Question253: Which of the following is the MOST effective way of ensuring that business units comply with an information security governance framework?

Question254: An organization is developing a disaster recover/ plan for a data center that hosts multiple applications. The application recovery sequence would BEST be determined through an analysis of:

Question255: Which of the following is MOST helpful to management in determining whether risks are within an organization's tolerance level?

Question256: The use of a business case to obtain funding for an information security investment is MOST effective when the business case:

Question257: Which of the following is the MOST important requirement for the successful implementation of security governance?

Question258: An information security manager has observed multiple exceptions for a number of different security controls.
Which of the following should be the information security manager's FIRST course of action?

Question259: Which of the following would provide nonrepudiation of electronic transactions?

Question260: Which of the following provides the BEST evidence that a recently established information security program is effective?

Question261: Which of the following is the MOST important reason to consider the role of the IT service desk when developing incident handling procedures?

Question262: An organization has an approved bring your own device (BYOD) program. Which of the following is the MOST effective method to enforce application control on personal devices?

Question263: During the establishment of a service level agreement (SLA) with a cloud service provider, it is MOST important for the information security manager to:

Question264: An organization's security policy is to disable access to USB storage devices on laptops and desktops. Which of the following is the STRONGEST justification foi granting an exception to the policy?

Question265: An outsourced vendor handles an organization's business-critical data. Which of the following is the MOST effective way for the client organization to obtain assurance of the vendor's security practices?

Question266: When integrating information security requirements into software development, which of the following practices should be FIRST in the development lifecycle?

Question267: The MOST important reason that security risk assesements should be conducted frequently through an organization is because:

Question268: Which of the following would BEST enable an organization to effectively monitor the implementation of standardized configurations?

Question269: An organization with a maturing incident response program conducts post-incident reviews for all major information security incidents. The PRIMARY goal of these reviews should be to:

Question270: In information security governance, the PRIMARY role of the board of directors is to ensure:

Question271: An organization has detected sensitive data leakage caused by an employee of a third-party contractor. What is the BEST course of action to address this issue?

Question272: Which of the following is the MOST effective method to help ensure information security incidents are reported?

Question273: A new organization has been hit with a ransomware attack that is critically impacting its business operations.
The organization does not yet have a proper incident response plan, but it does have a backup procedure for restoration of data. Which of the following should be the FIRST course of action?

Question274: Which of the following is MOST important for an information security manager to communicate to senior management regarding the security program?

Question275: The BEST way to minimize errors in the response to an incident is to:

Question276: A new program has been implemented to standardize security configurations across a multinational organization Following implementation, the configuration standards should:

Question277: The BEST way to identify the criticality of systems to the business is through:

Question278: Which of the following is the MOST important reason to document information security incidents that are reported across the organization?

Question279: The PRIMARY purpose of asset valuation for the management of information security is to:

Question280: Which of the following would BEST help to ensure compliance with an organizations information security requirements by an IT service provider?

Question281: To prevent computers on the corporate network from being used as part of a distributed denial of service (DDoS) attack, the information security manager should use:

Question282: Which of the following would BEST fulfill a board of directors' request for a concise

Question283: Which of the following should be the information security manager's NEXT step following senior management approval of the information security strategy?

Question284: An organization involved in e-commerce activities operating from its home country opened a new office in another country wit! stringent security laws. In this scenario, the overall security strategy should be based on:

Question285: An information security manager has identified multiple areas of compliance risk that could subject the organization to significant penalties regarding the handling of personal data. Which of the following is the manager s BEST course of action?

Question286: Which of the following is MOST helpful in protecting against hacking attempts on the production network?

Question287: Inadvertent disclosure of internal business information on social media is BEST minimized by which of the following?