When implementing Internet Protocol security (IPsec) architecture, the servers involved in application delivery:
A. communicate via Transport Layer Security (TLS).
B. block authorized users from unauthorized activities.
C. channel access only through the public-facing firewall.
D. channel access through authentication.
Answer: D

Which of the following components of a risk assessment is MOST helpful to management in determining the level of risk mitigation to apply?
A. Risk identification
B. Risk classification
C. Control self-assessment (CSA)
D. Impact assessment
Answer: D

An organization's audit charter PRIMARILY:
A. describes the auditors' authority to conduct audits.
B. defines the auditors' code of conduct.
C. formally records the annual and quarterly audit plans.
D. documents the audit process and reporting standards.
Answer: A

In a 24/7 processing environment, a database contains several privileged application accounts with passwords set to never expire. Which of the following recommendations would BEST address the risk with minimal disruption to the business?
A. Modify applications to no longer require direct access to the database.
B. Introduce database...

An IT balanced scorecard is the MOST effective means of monitoring:
A. governance of enterprise IT.
B. control effectiveness.
C. return on investment (ROI).
D. change management effectiveness.
Answer: A

Which of the following will be the MOST effective method to verify that a service vendor keeps control levels as required by the client?
A. Conduct periodic on-site assessments using agreed-upon criteria.
B. Periodically review the service level agreement (SLA) with the vendor.
C. Conduct an unannounced vulnerability assessment of...

An organization conducted an exercise to test the security awareness level of users by sending an email offering a cash reward to those who click on a link embedded in the body of the email. Which of the following metrics BEST indicates the effectiveness of awareness training?
A. The...

What is MOST important to verify during an external assessment of network vulnerability?
A. Update of security information event management (SIEM) rules
B. Regular review of the network security policy
C. Completeness of network asset inventory
D. Location of intrusion detection systems (IDS)
Answer: C

An organization's security policy mandates that all new employees must receive appropriate security awareness training. Which of the following metrics would BEST assure compliance with this policy?
A. Percentage of new hires that have completed the training.
B. Number of new hires who have violated enterprise security policies.
C....

Which of the following is MOST useful for determining whether the goals of IT are aligned with the organization's goals?
A. Balanced scorecard
B. Enterprise dashboard
C. Enterprise architecture (EA)
D. Key performance indicators (KPIs)
Answer: B