Question1: Which of the following is a PRIMARY objective of incident classification?
Question2: An organization has implemented an enhanced password policy for business applications which requires significantly more business resource to support clients. The BEST approach to obtain the support of business management would be to:
Question3: A new privacy regulation is due to take effect in a region where an organization does business. Which of the following would be MOST helpful in understanding what .. needs to do to maintain compliance?
Question4: An information security manager has identified multiple areas of compliance risk that could subject the organization to significant penalties regarding the handling of personal data. Which of the following is the manager s BEST course of action?
Question5: The MOST important objective of monitoring key risk indicators (KRIs) related to information security is to:
Question6: Which of the following should be an information security manager's PRIMARY role when an organization initiates a data classification process?
Question7: An information security manager terms that the root password of an external FTP server may be subject to brute force attacks. Which of the following would be the MOST appropriate way to reduce the likelihood of a successful attack?.
Question8: A business unit has updated its long-term business plan to include a strategy of upgrading information management system to increase productivity. To support this initiative, with the information security strategy?
Question9: Which of the following is the GREATEST risk of single sign-on?
Question10: An information security manager is implementing controls to protect the organization's data. The FIRST step in this process should be to:
Question11: Which of the following should be an information security manager s MOST important consideration when conducting a physical security review of a potential outsourced data center?
Question12: Which of the following is MOST effective in the strategic alignment of security initiatives?
Question13: Shortly after installation, an intrusion detection system (IDS) reports a violation. Which of the following is the MOST likely explanation?
Question14: What should be an organization's. MAIN concern when evaluating an Infrastructure as a Service (laaS) cloud computing model for an e-commerce application?
Question15: When drafting the corporate privacy statement for a public web site, which of the following MUST be included?
Question16: Failure to include information security requirements within the build/buy decision would MOST likely result in the need for:
Question17: Which of the following is the PRIMARY purpose for establishing a bring your own device (BYOD) policy that only permits application downloads from designated online markets.
Question18: During the establishment of a service level agreement (SLA) with a cloud service provider, it is MOST important for the information security manager to:
Question19: An organization with a strict need-to-know information access policy is about to launch a knowledge management intranet. Which of the following is the MOST important activity to ensure compliance with existing security policies?
Question20: For a user of commercial software downloaded from the Internet, which of the following is the MOST effective means of ensuring authenticity?
Question21: Which of the following should be define* I FIRST when creating an organization's information security strategy?
Question22: Which of the following is the MOST important consideration for designing an effective information security governance framework?
Question23: Which of the following is MOST relevant for an information security manager to communicate to IT operations?
Question24: An organization wants to ensure its confidential data is isolated in a multi-tenanted environment at a well-known cloud service provider. Which of the following is the BEST way to ensure the data is adequately protected?
Question25: An information security manager is reviewing the impact of a regulation on the organization's human resources system. The NEXT course of action should be to:
Question26: To ensure adequate disaster-preparedness among IT infrastructure personnel, it is MOST important to:
Question27: What is the PRIMARY role of the information security program?
Question28: Which of the following is the MOST effective way to achieve the integration of information security governance into corporate governance?
Question29: During an emergency security incident, which of the following would MOST likely predict the worst-case scenario?
Question30: Which of the following should be of GREATEST concern to a newly hired information security manager regarding security compliance?
Question31: A business unit has requested IT to implement simple authentication using IDs and passwords. The information security policy requires using multi-factor authentication. The information security manager should FIRST:
Question32: The effectiveness of security awareness programs in fostering positive security cultures is MOST dependent upon employee:
Question33: After a security incident has been contained, which of the following should be done FIRST?
Question34: Which of the following is the MOST effective control to reduce the impact of ransomware attacks?
Question35: Which of the following would present the GREATEST challenge to integrating information security governance into corporate governance?
Question36: Which of the following is MOST important to the successful implementation of an information security governance framework across the organization?
Question37: A risk was identified during a risk assessment. The business process owner has chosen to accept the risk because the cost of remediation is greater than the projected cost of a worst-case scenario. What should be the information security manager's NEXT course of action?
Question38: Which of the following BEST indicates that information security will be considered when new IT technologies are implemented across an organization?
Question39: What should an information security team do FIRST when notified by the help desk that an employee's computer has been infected with ma I ware?
Question40: Which of the following BEST demonstrates effective information security management within an organization?
Question41: Which of the following has the PRIMARY responsibility of ensuring an organizations information security strategy supports business goals?
Question42: Which of the following is the MOST important driver when developing an effective information security strategy?
Question43: The MOST important reason that security risk assesements should be conducted frequently through an organization is because:
Question44: Which of the following is MOST helpful in integrating information security governance with corporate governance?
Question45: When preventative controls to appropriately mitigate risk are not feasible, which of the following is the MOST important action for the information security manager to perform?
Question46: Which of the following is the GREATEST benefit of information asset classification to an organization?
Question47: Which of the following is the MOST effective method to prevent a SQL injection in an employee portal?
Question48: Which of the following is an example of a change to the external threat landscape?
Question49: Which of the following would BEST help to ensure an organization's information security strategy is aligned with business objectives?
Question50: Which of the following is the PRIMARY responsibility of an information security manager in an organization that is implementing the use of company-owned mobile devices in its operations?
Question51: Which of the following is the MOST important component of a risk profile?
Question52: An organization is about to purchase a rival organization. The PRIMARY reason for performing information security due diligence prior to making the purchase is to:
Question53: Which of the following would be the BEST way for a company to reduce the risk of data loss resulting from employee-owned devices accessing the corporate email system?
Question54: Which of the following would BEST help to ensure an organization s security program is aligned with business objectives?
Question55: What should be the information security manager s MOST important consideration when planning a disaster recovery test?
Question56: The PRIMARY role of an information security steering group is to ensure that:
Question57: A global organization is developing an incident response team (IRT). The organization wants to keep headquarters informed of aP incidents and wants to be able to present a unified response to widely dispersed events. Which of the following IRT models BEST supports these objectives?
Question58: An information security manager s PRIMARY objective for presenting key risks to the board of directors is to:
Question59: Which of the following is an example of a vulnerability?
Question60: The MOST important reason to use a centralized mechanism to identify information security incidents is to:
Question61: Which of the following is the PRIMARY purpose of conducting a business impact analysis (BIA)?
Question62: An online payment provider's computer security incident response team has confirmed that a customer credit card database was breached. Which of the following would be MOST important to include in a report to senior management?
Question63: Which of the following would provide senior management with the BEST overview of the performance of information security risk treatment options?
Question64: Which of the following is the PRIMARY reason an information security strategy should be deployed across an organization?
Question65: Which of the following would present the GREATEST need to revise information security poll'
Question66: Which of the following is the BIST course of action for the information security manager when residual risk is above the acceptable level of risk?
Question67: The MOST important reason for an information security manager to be involved in a new software purchase initiative is to:
Question68: A large organization is considering a policy that would allow employees to briog their own smartphones into the organizational environment. The MOST important concern to the information security manager should be the:
Question69: Which of the following would be an information security manager's PRIMARY challenge when deploying a bring your own device (BYOD) mobile program in an enterprise?
Question70: An inexperienced information security manager is relying on its internal audit department to design and implement key security controls. Which of the following is the GREATEST risk?
Question71: Which of the following would BEST help an information security manager prioritize remediation activities to meet regulatory requirements?
Question72: Which of the following should an incident response team do NEXT after validating an event is an incident?
Question73: Ensuring that activities performed by outsourcing providers comply with information security policies can BEST be accomplished through the use of:
Question74: Segregation of duties is a security control PRIMARILY used to:
Question75: Which of the following will BEST ensure that risk is evaluated on system level changes?
Question76: Which of the following is the PRIMARY product of a business impact analysis (BIA)?
Question77: Calculation of the recovery time objective (RTO) is necessary to determine the:
Question78: The MAIN reason for internal certification of web-based business applications is to ensure:
Question79: Which of the following is MOST important for the effectiveness of an incident response function?
Question80: Which of the following is the MOST reliable source of information about emerging information security threats and vulnerabilities?
Question81: Which of the following is the GREATEST risk to consider when a rival organization purchases a business unit within an organization?
Question82: Which of the following should be the FIRST step to ensure an information security program meets the requirements of new regulations?
Question83: A PRIMARY advantage of involving business management in evaluating and managing information security risks is that they:
Question84: During a new user provisioning process, who should have PRIMARY responsibility for determining appropriate access levels?
Question85: When aligning an organization's information security program with other risk and control activities, it is MOST important to:
Question86: An organization is considering moving one its critical business application to a cloud hosting service. The cloud provider may not provider the same level of security for its application as the organization. Which of the following will provide the BEST information to help maintain the security posture?
Question87: Which of the following BEST promotes stakeholder accountability in the management of information security risks?
Question88: The PRIMARY purpose of a security information and event management (SIEM) system is to:
Question89: Which of the following is the STRONGEST indicator of effective alignment between corporate governance and information security governance?
Question90: What should be an information security manager's FIRST course of action when an organization is subject to a new regulatory requirement?
Question91: Over the last year, an information security manager has performed risk assessments on multiple third-party vendors. Which of the following criteria would be MOST helpful in determining the associated level of risk applied to each vendor?
Question92: The PRIMARY goal of a security infrastructure design is the:
Question93: Establishing which of the following is the BEST way of ensuring that the emergence of new risk is promptly identified?
Question94: An information security manager discovers that the organization's new information security policy is not being followed across all departments. Which of the following should be of GREATEST concern to the information security manager?
Question95: Which of the following is the MOST effective way to ensure the information security risk associated with third-party services is addressed?
Question96: Which of the following would be the MOST important information to include in a business case for an information security project in a highly regulated industry?
Question97: Which of the following BEST ensures timely and reliable access to services?
Question98: An organization has decided to store production data in a cloud environment. What should be the FIRST consideration?
Question99: Which of the following presents the GREATEST concern to the information security manager when using account locking features on an online application? It can increase vulnerability to.
Question100: The PRIMARY focus of a training curriculum for members of an incident response team should be:
Question101: Which of the following is the MOST important outcome of monitoring and reporting on information security processes?
Question102: Which of the following should be the FIRST step of incident response procedures?
Question103: Which of the following is the MOST significant benefit of effective change management?
Question104: Planning for the implementation of an information security program is MOST effective when it:
Question105: An information security manager has been asked to identify potential threats to the organization's information.
Which of the following should be done FIRST'
Question106: When establishing classifications of security incidents for the development of an incident response plan, which of the following provides the MOST valuable input?
Question107: Internal audit has reported a number of information security issues which are not in compliance with regulatory requirements. What should the information security manager do FIRST?
Question108: Which of the following is the BEST mechanism to prevent data loss in the event personal computing equipment is stolen or lost?
Question109: Without prior approval, a training department enrolled the company in a free cloud-based collaboration site and invited employees to use it. Which of the following is the BEST response of the information security manager?
Question110: Which of the following is MOST helpful to management in determining whether risks are within an organization's tolerance level?
Question111: After undertaking a security assessment of a production system, the information security manager is MOST likely to:
Question112: Which of the following processes is the FIRST step in establishing an information security policy?
Question113: Which of the following is the MOST important action when using a web application that has recognized vulnerabilities?
Question114: To ensure appropriate control of information processed in IT systems, security safeguards should be based PRIMARILY on:
Question115: A business unit has updated its long-term business plan to include a strategy of upgrading information management systems to increase productivity. To support this initiative, what should be the PRIMARY basis for updating the corresponding. information security strategy?
Question116: When granting a vendor remote access to a system, which of the following is the MOST important consideration?
Question117: The PRIMARY reason for implementing scenario-based training for incident response is to:
Question118: Which of the following is the MOST important function of information security?
Question119: Which of the following BEST determines an information asset's classification?
Question120: Organization XYZ. a lucrative, Internet-only business, recently suffered a power outage that lasted 2 hours.
The organization s data center was unavailable in the interim. In order to mitigate risk in the MOST cost-efficient manner, the organization should:
Question121: Which of the following provides the BEST evidence that the information security program is aligned to the business strategy?
Question122: To gain a clear understanding of the impact that a new regulatory will have on an organization's security control, an information manager should FIRST.
Question123: A multinational organization has developed a bring your own device (BYOD) policy that requires the installation of mobile device management (MDM) software on personally owned devices. Which of the following poses the GREATEST challenge for implementing the policy?
Question124: Which of the following is MOST likely to reduce the effectiveness of a signature-based intrusion detection system (IDS)?
Question125: Which of the following is the PRIMARY benefit to an organization using an automated event monitoring solution?
Question126: Which of the following is the MOST important element of an effective external information security communication plan?
Question127: Which of the following would be MOST important to include in a bring your own device (BYOD) policy with regard to lost or stolen devices? The need for employees to:
Question128: An organization is the victim of a targeted attack, and is unaware of the compromise until a security analyst notices an additional user account on the firewall. The implementation of which of the following would have detected the incident?
Question129: When multiple Internet intrusions on a server are detected, the PRIMARY concern of the information security manager should be to ensure that the:
Question130: Which of the following devices, when placed in a demilitarized zone (DMZ). would be considered a significant exposure?
Question131: Which of the following is an information security manager's BEST course of action to address a significant materialized risk that was not prevented by organizational controls?
Question132: A risk analysis for a new system is being performed. For which of the following is business knowledge MORE important than IT knowledge?
Question133: When recommending a preventive control against cross-site scripting in web applications, an information security manager is MOST likely to suggest:
Question134: An organization has implemented a new customer relationship management (CRM) system. Who should be responsible for enforcing authorized and controlled access to the CRM data?
Question135: When customer data has been compromised, an organization should contact law enforcement authorities:
Question136: Which of the following is MOST important for effective communication during incident response?
Question137: Which of the following would be MOST helpful to reduce the amount of time needed by an incident response team to determine appropriate actions?
Question138: Which of the following is the MOST useful input for an information security manager when refreshing the organizations security strategy?
Question139: For a business operating in a competitive and evolving online market, it is MOST important for a security policy to focus on:
Question140: Following a malicious security incident, an organization has decided to prosecute those responsible. Which of the following will BEST facilitate the forensic investigation?
Question141: An information security manager has developed a strategy to address new information security risks resulting from recent change the business. Which of the following would be MOST important to include when presenting the strategy to senior management?
Question142: Which of the following is the GREATEST security threat when an organization allows remote access through a virtual private network (VPN)?
Question143: Which is the MOST important driver for effectively communicating the progress of a new information security program's implementation to key stakeholders?
Question144: Key systems necessary for branch operations reside at corporate headquarters. Branch A is negotiating with a third party to provide disaster recovery facilities. Which of the following contract terms would be the MOST significant concern?
Question145: Which of the following is the MOST effective way to ensure the development of an application system will align with organizational security standards?
Question146: Which of the following is MOST critical for the successful implementation of an information security strategy?
Question147: Which of the following provides the BEST justification for an information security investment when creating a business case
Question148: Which of the following service offerings in a typical Infrastructure as a Service (IaaS) model will BEST enable a cloud service provider to assist customers when recovering from a security incident?
Question149: In a resource-restricted security program, which of the following approaches will provide the BEST use of the limited resources?
Question150: A new mobile application is unable to adhere to the organization's authentication policy. Which of the following would be the information security manager's BEST course of action?
Question151: For an organization with a large and complex IT infrastructure, which of the following elements of a disaster recovery hot site service will require the closest monitoring?
Question152: When selecting risk response options to manage risk, an information security manager's MAIN focus should be on reducing:
Question153: Which of the following is the BEST way to ensure the effectiveness of a role-based access scheme?
Question154: Which of the following is the BEST way for an information security manager to promote the integration of information security considerations into key business processes?
Question155: When creating an incident response plan, the PRIMARY benefit of establishing a clear definition of a security incident is that it helps to:
Question156: Which of the following should be the PRIMARY expectation of management when an organization introduces an information security governance framework?
Question157: Which of the following is MOST important when carrying out a forensic examination of a laptop to determine an employee s involvement in a fraud?
Question158: Which of the following is the MOST effective way to mitigate the risk of confidential data leakage to unauthorized stakeholders?
Question159: Which of the following BEST enables effective closure of noncompliance issues?
Question160: To implement a security framework, an information security manager must FIRST develop:
Question161: When using a newly implemented security information and event management (SIEM) infrastructure, which of the following should be considered FIRST?
Question162: What is the MOST important factor for determining prioritization of incident response?
Question163: What is the BEST way for an information security manager to maintain continuous insight into the effectiveness of the organization's information security program?
Question164: A risk management program will be MOST effective when:
Question165: For an organization with operations in different parts of the world, the BEST approach for ensuring that security policies do not conflict with local laws and regulations is to:
Question166: Which of the following is MOST important to consider when developing a disaster recovery plan?
Question167: Which of the following is MOST helpful for aligning security operations with the IT governance framework?
Question168: Which of the following is MOST useful to include in a report to senior management on a regular basis to demonstrate the effectiveness of the information security program?
Question169: The PRIMARY purpose of asset valuation for the management of information security is to:
Question170: When responding to an incident, which of the following is required to ensure evidence remains legally admissible in court?
Question171: Which of the following is MOST important when selecting a third-party security operations center?
Question172: The frequency of conducting business impact analysis (BIA) should PRIMARILY be based on:
Question173: What is the PRIMARY benefit to executive management when audit risk, and security functions are aligned?
Question174: Which of the following is the BEST way to determine if an organization's current risk level is within the risk appetite?
Question175: A company has purchased a rival organization and is looking to integrate security strategies. Which of the following is the GREATEST issue to consider?
Question176: When developing a protection strategy for outsourcing applications, the information se<urity manager MUST ensure that:
Question177: When supporting an organization's privacy officer, which of the following is the information security managers PRIMARY role regarding privacy requirements?
Question178: Which of the following provides the BEST means of ensuring business units outside of IT have their information security concerns addressed?
Question179: Which of the following MUST be established before implementing a data loss prevention (DLP) system?
Question180: An information security manager is implementing a bring your own device (BYOD) program. Which of the following would BEST ensure that users adhere to the security standards?
Question181: Which of the following is MOST critical for an effective information security governance framework?
Question182: Which of the following is the PRIMARY benefit of using a tabletop method to conduct an incident response exercise?
Question183: Which of the following defines the triggers within a business continuity plan (BCP)?
Question184: Following a successful and well-publicized hacking incident, an organization alias plans to improve application security. Which of the following is a security project risk?
Question185: Which of the following is the MOST important consideration when establishing an information security governance framework?
Question186: Which of the following would BEST mitigate identified vulnerabilities in a timely manner?
Question187: Which of the following is MOST important to include in an information security strategy?
Question188: An organization establishes an internal document collaboration site. To ensure data confidentiality of each project group, it is MOST important to:
Question189: An organization s senior management is encouraging employees to use social media for promotional purposes.
Which of t following should be the information security manager's FIRST step to support this strategy?
Question190: Which of the following is MOST effective against system intrusions?
Question191: A recent phishing attack investigation showed that several employees had used their work email addresses to create personal accounts on a shopping site that had been breached. What is the BEST way to prevent this
Question192: When conducting a post-incident review, the GREATEST benefit of collecting mean time to resolution (MTTR) data is the ability to:
Question193: A payroll application system accepts individual user sign-on IDs and then connects to its database using a single application ID. The GREATEST weakness under this system architecture is that:
Question194: An organization's information security manager will find it MOST difficult to perform a post-incident review of a data leakage event when it is related to:
Question195: The GREATEST benefit of choosing a private cloud over a public cloud would be:
Question196: Which of the following is MOST important for an information security manager to communicate to senior management regarding the security program?
Question197: Which of the following is the BEST reason to initiate a reassessment of current risk?
Question198: Which of the following is the MOST useful metric for determining how well firewall logs are being monitored?
Question199: An organization has a policy in which all criminal activity is prosecuted. What is MOST important for the information security manager to ensure when an employee is suspected of using a company computer to commit fraud?
Question200: An audit reveals that some of an organizations software is end-of-life and the vendor will no longer provide support or security patches. Which of the following is the BEST way for the information security manager to address this situation?
Question201: Which of the following measures BEST indicates an improvement in the information security program to stakeholders?
Question202: When preparing a strategy for protection from SQL injection attacks, it is MOST important for the information security manager to involve:
Question203: Which of the following is MOST important to building an effective information security program?
Question204: Which of the following is the BEST resource for evaluating the strengths and weaknesses of an incident response plan?
Question205: Which of the following should an information security manager do FIRST when an organization plans to migrate all internally hosted applications to the cloud?
Question206: An organization is considering whether to allow employees to use personal computing devices for business purposes To BEST facilitate senior management's decision, the information security manager should:
Question207: What should be an information security manager's FIRST step when developing a business case for a new intrusion detection system (IDS) solution?
Question208: Which of the following would BEST justify spending for a compensating control?
Question209: A new regulation has been announced that requires mandatory reporting of security incidents that affect personal client information. Which of the following should be the information security manager's FIRST course of action?
Question210: Which of the following metrics would provide management with the MOST useful information about the effectiveness of a security awareness program?
Question211: Which of the following is MOST likely to result from a properly conducted post-incident review?
Question212: From a business perspective the MOST important function of information security is to support:
Question213: Adding security requirements late in the software development life cycle (SDLC) would MOST likely result in:
Question214: Which of the following provides the MOST relevant evidence of incident response maturity?
Question215: What is the MAIN reason for an organization to develop an incident response plan?
Identify training requirements for the incident response team.
Priorities treatment based on incident critically.
What is the MAIN reason for an organization to develop an incident response plan'
Question216: Which of the following outsourced services has the GREATEST need for security monitoring?
Question217: The PRIMARY benefit of integrating information security risk into enterprise risk management is to:
Question218: A newly hired information security manager discovers that the cleanup of accounts for terminated employees happens only once a year. Which of the following should be the information security manager's FIRST course of action?
Question219: Which of the following would BEST fulfill a board of directors' request for a concise
Question220: A review of a number of recent XT system rollouts identified a failure to incorporate security within planning, development and implementation. Which of the following is the MOST effective way to prevent a recurrence for future systems?
Question221: When an operating system is being hardened, it is MOST important for an information security manager to ensure that
Question222: An information security manager has been tasked with developing materials to update the board, regulatory agencies, and the media about a security incident. Which of the following should the information security manager do FIRST?
Question223: Business units within an organization are resistant to proposed changes to the information security program.
Which of the following is the BEST way to address this issue?
Question224: A cloud service provider is unable to provide an independent assessment of controls. Which of the following is the BEST way to obtain assurance that the provider can adequately protect the organization's information?
Question225: Which of the following should the information security manager do FIRST after a security incident has been reported?
Question226: A risk assessment report shows that phishing attacks are an emerging threat for an organization that supports online financial services. Which of the following is the information security manager's BEST course of action?
Question227: During the due diligence phase of an acquisition, the MOST important course of action for an information security manager is to:
Question228: Which of the following is the BKT approach for an information security manager when developing new information security policies?
Question229: Which of the following BEST indicates senior management support for an information security program?
Question230: Which of the following is the BEST way to sustain employee interest in information security awareness in an organization?
Question231: Which of the following is MOST helpful in protecting against hacking attempts on the production network?
Question232: An organization wants to integrate information security into its human resource management processes. Which of the following should be the FWST step?
Question233: Reviewing which of the following would provide the GREATEST Input to the asset classification process?
Question234: Which of the following is the MOST important criterion for complete closure of a security incident?
Question235: An information security steering group should:
Question236: Which of the following is the MOST appropriate board-level activity for information security governance?
Question237: Which of the following is MOST critical for responding effectively to security breaches?
Question238: In addition to business alignment and security ownership, which of the following is MOST critical for information security governance?
Question239: Which of the following is the BEST way for an information security manager to justify continued investment in the information security program when the organization is facing significant budget cuts?
Question240: What is the BEST way for a customer to authenticate an e-commerce vendor?
Question241: Which of the following methods BEST ensures that a comprehensive approach is used to direct information security activities?
Question242: Which of the following is MOST important for an information security manager to regularly report to senior management?
Question243: The PRIMARY objective for using threat modeling in web application development should be to:
Question244: The PRIMARY purpose of aligning information security with corporate governance objectives is to:
Question245: Which of the following is the BEST indication that an information security control is no longer relevant?
Question246: Information security governance is PRIMARILY a:
Question247: Within a security governance framework, which of the following is the MOST important characteristic of the information security committee? The committee:
Question248: Which of the following is MOST important for an information security manager to include in a report to senior management following a post-incident review?
Question249: Which of the following should be the PRIMARY input when defining the desired state of security within an organization?
Question250: A global organization has developed a strategy to share a customer information database between offices in two countries. In this situation, it is MOST important to ensure:
Question251: Which of the following defines the minimum security requirements that a specific system must meet?
Question252: During an annual security review of an organizations servers, it was found that the customer service team's file server, which contains sensitive customer data, is accessible to all user IDs in the organization. Which of the following should the information security manager do FIRST?
Question253: The selection of security controls is PRIMARILY linked to:
Question254: A new organization has been hit with a ransomware attack that is critically impacting its business operations.
The organization does not yet have a proper incident response plan, but it does have a backup procedure for restoration of data. Which of the following should be the FIRST course of action?
Question255: An organization plans to implement a document collaboration solution to allow employees to share company information. Which of the following is the MOST important control to mitigate the risk associated with the new solution?
Question256: Which of the following is MOST important when prioritizing an information security incident?
Question257: Which of the following will BEST facilitate the understanding of information security responsibilities by users across the organization?
Question258: Which of the following is the BEST method to defend against social engineering attacks?
Question259: During the restoration of several servers, a critical process that services external customers was restored late due to a failure, resulting in lost revenue. Which of the following would have BEST helped to prevent this occurrence?
Question260: Which of the following is the MOST important reason to develop an organizational threat profile?
Question261: Which of the following BEST demonstrates alignment between information security governance and corporate governance?
Question262: A system administrator failed to report a security incident where the critical application server was not available to the business users. Which of the following is the BEST way to prevent a reoccurrence?
Question263: An organization s senior management wants to allow employees to access an internal application using their personal mobile devices. Which of the following should be the information security managers FIRST course of action?
Question264: When trying to integrate information security across an organization, the MOST important goal for a governing body should be to ensure:
Question265: Which of the following is the MOST important factor when determining the frequency of information security risk reassessment?
Question266: Which of the following is MOST helpful for prioritizing the recovery of IT assets during a disaster?
Question267: Which of the following is the MOST important consideration when designing information security architecture?
Question268: To ensure IT equipment meets organizational security standards, the MOST efficient approach is to:
Question269: Which of the following is the BEST way to determine if an information security program aligns with corporate governance?
Question270: When making an outsourcing decision, which of the following functions is MOST important to retain within the organization?
Question271: Which of the following is the PRIMARY goal of a risk management program?
Question272: The PRIMARY goal of conducting a business impact analysis (BIA) as part of an overall continuity planning process is to:
Question273: Information security policies should be designed PRIMARILY on the basis of:
Question274: Which of the following is MOST important when selecting an information security metric?
Question275: The BEST way to improve the effectiveness of responding to and communicating security incidents is to ensure:
Question276: To gain a clear+ understanding of the impact that a new regulatory requirement will have on an organization s information security controls, an information security manager should FIRST:
Question277: Which of the following is the MOST effective way for senior management to support the integration of information security governance into corporate governance?
Question278: Which of the following tools BEST demonstrates the effectiveness of the information security program?
Question279: Which of the following is the MOST important consideration of the information security manager to ensure effective security monitoring of outsourced operations?
Question280: Which of the following should be communicated FIRST to senior management once an information security incident has been contained?
Question281: When creating an information security governance program, which of the following will BEST enable the organization to address regulatory compliance requirements?
Question282: Which of the following presents the GREATEST information security concern when deploying an identity and access management solution?
Question283: Which of the following is the BEST approach for determining the maturity level of an information security program?
Question284: Which of the following is MOST likely to result from a properly conducted post-incident review?
Question285: Labeling information according to its security classification:
Question286: Which of the following would be MOST effective when justifying the cost of adding security controls to an existing web application?
Question287: Which of the following metrics provides the BEST indication of the effectiveness of a security awareness campaign?
Question288: When the inherent risk of a business activity is lower than the acceptable risk level, the BEST course of action would be to:
Question289: Which of the following is the MOST effective way to mitigate the risk of data loss in the event of a stolen laptop?
Question290: When developing a new system, detailed information security functionality should FIRST be addressed:
Question291: Information classification is a fundamental step in determining:
Question292: The MAIN consideration when designing an incident escalation plan should be ensuring that:
Question293: Which of the following is the BEST method to ensure that data owners take responsibility for implementing information security processes?
Question294: Which of the following is the BEST way to address any gaps identified during an outsourced provider selection and contract negotiation process?
Question295: Which of the following is the PRIMARY benefit of using agentless endpoint security solutions?
Question296: Following a highly sensitive data breach at a large company, all servers and workstations were patched. The information security manager s NEXT step should be to:
Question297: Which of the following is the PRIMARY objective of a business impact analysis (BIA)?