Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?
A. Need to comply with breach disclosure laws
B. Need to transfer the risk associated with...

The single most important consideration to make when developing your security program, policies, and processes is:
A. Budgeting for unforeseen data compromises
B. Streamlining for efficiency
C. Alignment with the business
D. Establishing your authority as the Security Executive
Answer: C

A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program. Which of the following qualifications and experience would be MOST desirable to find in a candidate?
A. Multiple certifications, strong technical capabilities and lengthy resume...

The framework that helps to define a minimum standard of protection that business stakeholders must attempt to achieve is referred to as a standard of:
A. Due Protection
B. Due Care
C. Due Compromise
D. Due Process
Answer: B

A global retail company is creating a new compliance management process. Which of the following regulations is of MOST importance to be tracked and managed by this process?
A. Information Technology Infrastructure Library (ITIL)
B. International Organization for Standardization (ISO) standards
C. Payment Card Industry Data Security Standards (PCI-DSS)
D. ...

You have recently drafted a revised information security policy. From whom should you seek endorsement in order to have the GREATEST chance for adoption and implementation throughout the entire organization?
A. Chief Information Security Officer
B. Chief Executive Officer
C. Chief Information Officer
D. Chief Legal Counsel
Answer: B

What is the main purpose of the Incident Response Team?
A. Ensure efficient recovery and reinstate repaired systems
B. Create effective policies detailing program activities
C. Communicate details of information security incidents
D. Provide current employee awareness programs
Answer: A

Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization's products and services?
A. Strong authentication technologies
B. Financial reporting regulations
C. Credit card compliance and regulations
D. Local privacy laws
Answer: D

A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization's need?
A. International Organization for Standardization - 22301 (ISO-22301)
B. Information Technology Infrastructure Library (ITIL)
C. ...

The establishment of a formal risk management framework and system authorization program is essential. The LAST step of the system authorization process is:
A. Contacting the Internet Service Provider for an IP scope
B. Getting authority to operate the system from executive management
C. Changing the default passwords
D. Conducting...