- All Exams Instant Download
What is the purpose of separation of duties?
What is the purpose of separation of duties?A . Internal control to prevent fraudB . Enhance exposure to functional areasC . Encourage collaborationD . Mitigate collusion and prevent theftView AnswerAnswer: A
What is a consideration when performing data collection in Information Security Continuous Monitoring?
What is a consideration when performing data collection in Information Security Continuous Monitoring?A . Data collection efficiency is increased through automation.B . The more data collected, the better chances to catch an anomaly.C . Collection is used only for compliance requirements.D . Data is best captured as it traverses the...
What is used to ensure an organization understands the security risk to operations, assets, and individuals?
What is used to ensure an organization understands the security risk to operations, assets, and individuals?A . Risk Management StrategyB . Risk AssessmentC . Operational AssessmentD . Risk ProfileView AnswerAnswer: B
What database is used to record and manage assets?
What database is used to record and manage assets?A . Configuration Management DatabaseB . Asset Inventory Management DatabaseC . High Availability Mirrored DatabaseD . Patch Management Inventory DatabaseView AnswerAnswer: A
What should an organization use to effectively mitigate against password sharing to prevent unauthorized access to systems?
What should an organization use to effectively mitigate against password sharing to prevent unauthorized access to systems?A . Access through a ticketing systemB . Frequent password resetsC . Strong password requirementsD . Two factor authenticationView AnswerAnswer: D
What helps an organization compare an "as-is, to-be" document and identify opportunities for improving cybersecurity posture useful for capturing organizational baselines of today and their desired state of tomorrow so that a gap analysis can be conducted?
What helps an organization compare an "as-is, to-be" document and identify opportunities for improving cybersecurity posture useful for capturing organizational baselines of today and their desired state of tomorrow so that a gap analysis can be conducted?A . FrameworkB . CoreC . AssessmentD . ProfileView AnswerAnswer: D
What could be considered a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors and align to five concurrent and continuous functions?
What could be considered a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors and align to five concurrent and continuous functions?A . BaselineB . CoreC . ProfileD . GovernanceView AnswerAnswer: B
What type of asset should the product catalog database be categorized as?
The information security manager for a major web based retailer has determined that the product catalog database is corrupt. The business can still accept orders online but the products cannot be updated. Expected downtime to rebuild is roughly four hours. What type of asset should the product catalog database be...
Which phase in the SDLC is most concerned with maintaining proper authentication of users and processes to ensure an appropriate access control policy is defined?
Which phase in the SDLC is most concerned with maintaining proper authentication of users and processes to ensure an appropriate access control policy is defined?A . ImplementationB . Operation / MaintenanceC . InitiationD . Development / AcquisitionView AnswerAnswer: B
What type of item appears in the second column of the table?
Refer to the exhibit. What type of item appears in the second column of the table?A . SubcategoryB . Informative ReferenceC . FunctionD . TierView AnswerAnswer: A
