Developing effective security controls is a balance between:
A. Risk Management and Operations
B. Corporate Culture and Job Expectations
C. Operations and Regulations
D. Technology and Vendor Management
Answer: A

An organization's Information Security Policy is of MOST importance because
A. it communicates management's commitment to protecting information resources
B. it is formally acknowledged by all employees and vendors
C. it defines a process to meet compliance requirements
D. it establishes a framework to protect confidential information
Answer: A

What is the first thing that needs to be completed in order to create a security program for your organization?
A. Risk assessment
B. Security program budget
C. Business continuity plan
D. Compliance and regulatory analysis
Answer: A

Which of the following is the MOST important for a CISO to understand when identifying threats?
A. How vulnerabilities can potentially be exploited in systems that impact the organization
B. How the security operations team will behave to reported incidents
C. How the firewall and other security devices are configured...

What is the main purpose of the Incident Response Team?
A. Ensure efficient recovery and reinstate repaired systems
B. Create effective policies detailing program activities
C. Communicate details of information security incidents
D. Provide current employee awareness programs
Answer: A

A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program. Which of the following qualifications and experience would be MOST desirable to find in a candidate?
A. Multiple certifications, strong technical capabilities and lengthy resume
B...

Why is it vitally important that senior management endorse a security policy?
A. So that they will accept ownership for security within the organization.
B. So that employees will follow the policy directives.
C. So that external bodies will recognize the organization's commitment to security.
D. So that they can...

When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?
A. How many credit card records are stored?
B. How many servers do you have?
C. What is the scope of the...

When deploying an Intrusion Prevention System (IPS) the BEST way to get maximum protection from the system is to deploy it
A. In promiscuous mode and only detect malicious traffic.
B. In-line and turn on blocking mode to stop malicious traffic.
C. In promiscuous mode and block malicious traffic.
D. ...

Information security policies should be reviewed:
A. by stakeholders at least annually
B. by the CISO when new systems are brought online
C. by the Incident Response team after an audit
D. by internal audit semiannually
Answer: A