In accordance with best practices and international standards, how often is security awareness training provided to employees of an organization?
A. Every 18 months
B. Every 12 months
C. High risk environments 6 months, low risk environments 12 months
D. Every 6 months
Answer: B

Information security policies should be reviewed _____________________.
A. by the internal audit semiannually
B. by the CISO when new systems are brought online
C. by the Incident Response team after an audit
D. by stakeholders at least annually
Answer: D

Which of the following is MOST likely to be discretionary?
A. Policies
B. Procedures
C. Guidelines
D. Standards
Answer: C

The alerting, monitoring and life-cycle management of security related events is typically handled by the _________________.
A. risk management process
B. risk assessment process
C. governance, risk, and compliance tools
D. security threat and vulnerability management process
Answer: D

Which of the following has the GREATEST impact on the implementation of an information security governance model?
A. Complexity of organizational structure
B. Distance between physical locations
C. Organizational budget
D. Number of employees
Answer: A

A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program. Which of the following qualifications and experience would be MOST desirable to find in a candidate?
A. Industry certifications, technical knowledge and program management skills
B...

You have recently drafted a revised information security policy. From whom should you seek endorsement in order to have the GREATEST chance for adoption and implementation throughout the entire organization?
A. Chief Executive Officer
B. Chief Information Officer
C. Chief Information Security Officer
D. Chief Information Officer
Answer: A

When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?
A. Compliance with local privacy regulations
B. An independent Governance, Risk and Compliance organization
C. Support Legal and HR teams
D. Alignment of security goals with business...

Ensuring that the actions of a set of people, applications and systems follow the organization’s rules is BEST described as:
A. Compliance management
B. Security management
C. Risk management
D. Mitigation management
Answer: A

Credit card information, medical data, and government records are all examples of:
A. None
B. Communications Information
C. Bodily Information
D. Confidential/Protected Information
E. Territorial Information
Answer: D