Certified Information Security Manager Questions and Answers
When properly implemented, secure transmission protocols protect transactions:
Which of the following is the BEST way to enhance training for incident response teams?
When selecting metrics to monitor the effectiveness of an information security program, it is MOST important for an information security manager to:
An information security program is BEST positioned for success when it is closely aligned with:
Which of the following is the BEST way to compete for funding for an information security program in an organization with limited resources?
During which of the following phases should an incident response team document actions required to remove the threat that caused the incident?
The department head of application development has decided to accept the risks identified in a recent assessment. No recommendations will be implemented, even though the recommendations are required by regulatory oversight. What should the information security manager do NEXT?
Senior management recently approved a mobile access policy that conflicts with industry best practices. Which of the following is the information security manager's BEST course of action when developing security standards for mobile access to the organization's network?
Which of the following BEST indicates the effectiveness of the vendor risk management process?
Which of the following is MOST important to include in a post-incident review following a data breach?
Which of the following is MOST important to ensure the alignment of an information security program with the organizational strategy?
Which of the following BEST indicates that an information security governance framework has been successfully implemented?
An organization has acquired a company in a foreign country to gain an advantage in a new market. Which of the following is the FIRST step the information security manager should take?
When building support for an information security program, which of the following elements is MOST important?
When updating the information security policy to accommodate a new regulation, the information security manager should FIRST:
Which of the following is MOST important when developing an information security strategy?
Which of the following is the MOST important detail to capture in an organization's risk register?
Which of the following should be the GREATEST consideration when determining the recovery time objective (RTO) for an in-house critical application, database, or server?
To improve the efficiency of the development of a new software application, security requirements should be defined:
Measuring which of the following is the MOST accurate way to determine the alignment of an information security strategy with organizational goals?
Which of the following is the PRIMARY benefit of an information security awareness training program?
Which of the following would MOST effectively ensure that a new server is appropriately secured?
An organization wants to migrate a proprietary application to be hosted by a third-party cloud hosting provider using a Platform as a Service (PaaS) model. Prior to selecting the cloud provider, what is MOST important for the organization to ensure?
An information security manager learns of a new standard related to an emerging technology the organization wants to implement. Which of the following should the information security manager recommend be done FIRST?
Which of the following should have the MOST influence on the development of information security policies?
Which of the following factors would have the MOST significant impact on an organization's information security governance model?
Which of the following should be done FIRST after a ransomware incident has been successfully contained?
Which of the following BEST enables an information security manager to demonstrate the effectiveness of the information security and risk program to senior management?
Following an unsuccessful denial of service (DoS) attack, identified weaknesses should be:
When creating an incident response plan, the PRIMARY benefit of establishing a clear definition of a security incident is that it helps to:
Which of the following is the MOST important reason for an information security manager to archive and retain the organization's electronic communication and email data?
When developing a business case to justify an information security investment, which of the following would BEST enable an informed decision by senior management?
To ensure the information security of outsourced IT services, which of the following is the MOST critical due diligence activity?
Which of the following should an organization do FIRST when confronted with the transfer of personal data across borders?
IT projects have gone over budget with too many security controls being added post-production. Which of the following would MOST help to ensure that relevant controls are applied to a project?
Which of the following should be the PRIMARY focus for an information security manager when reviewing access controls for data stored in an off-premise cloud environment?
Which of the following is the PRIMARY reason to monitor key risk indicators (KRIs) related to information security?
The PRIMARY consideration when responding to a ransomware attack should be to ensure:
Which of the following is MOST helpful in determining whether a phishing email is malicious?
Which of the following should be the PRIMARY consideration when developing an incident response plan?
An organization has just updated its backup capability to a new cloud-based solution. Which of the following tests will MOST effectively verify this change is working as intended?
Network isolation techniques are immediately implemented after a security breach to:
An organization has implemented a new customer relationship management (CRM) system. Who should be responsible for enforcing authorized and controlled access to the CRM data?
A post-incident review identified that user error resulted in a major breach. Which of the following is MOST important to determine during the review?
Following an employee security awareness training program, what should be the expected outcome?
Which of the following metrics would provide an accurate measure of an information security program's performance?
Which of the following should be the MOST important consideration of business continuity management?
Which of the following is the MOST effective way to determine the alignment of an information security program with the business strategy?
Application data integrity risk is MOST directly addressed by a design that includes:
To help users apply appropriate controls related to data privacy regulation, what is MOST important to communicate to the users?
Which of the following is the MOST appropriate action during the containment phase of a cyber incident response?
To support effective risk decision making, which of the following is MOST important to have in place?
Which of the following is MOST important to the successful implementation of an information security program?
Which of the following is the BEST strategy when determining an organization's approach to risk treatment?
Which of the following BEST enables staff acceptance of information security policies?
Which of the following will BEST enable an effective information asset classification process?
Which of the following is the PRIMARY reason to regularly update business continuity and disaster recovery documents?
An information security team has started work to mitigate findings from a recent penetration test. Which of the following presents the GREATEST risk to the organization?
Senior management is concerned about data exposure through the use of public AI services. Which of the following is the information security manager's BEST course of action?
Which of the following is the BEST way to ensure the business continuity plan (BCP) is current?
Which of the following metrics would BEST demonstrate the success of a newly implemented information security framework?
Which of the following is the MOST important characteristic of an effective information security metric?
An organization recently outsourced the development of a mission-critical business application. Which of the following would be the BEST way to test for the existence of backdoors?
Which of the following should an information security manager do FIRST when there is a conflict between the organization's information security policy and a local regulation?
Which of the following functions is MOST critical when initiating the removal of system access for terminated employees?
Which of the following is MOST important for guiding the development and management of a comprehensive information security program?
The PRIMARY reason to create and externally store the disk hash value when performing forensic data acquisition from a hard disk is to:
Which of the following should be the PRIMARY focus of an organization with immature incident detection capabilities?
An organization provides notebook PCs, cable wire locks, smartphone access, and virtual private network (VPN) access to its remote employees. Which of the following is MOST important for the information security manager to ensure?
Which of the following is the MOST effective way to detect information security incidents?
An information security manager has been tasked with developing materials to update the board, regulatory agencies, and the media about a security incident. Which of the following should the information security manager do FIRST?
Which of the following is the FIRST step when conducting a post-incident review?
An enterprise has decided to procure security services from a third-party vendor to support its information security program. Which of the following is MOST important to include in the vendor selection criteria?
Which of the following is the MOST important objective of post-incident review activities?
An organization has discovered that a server processing real-time visual data could be vulnerable to a lateral movement stage in a ransomware attack. Which of the following controls BEST mitigates this vulnerability?
Which of the following is the GREATEST benefit of including incident classification criteria within an incident response plan?
Which of the following is MOST important to have in place as a basis for developing an effective information security program that supports the organization's business goals?
While conducting a test of a business continuity plan (BCP), which of the following is the MOST important consideration?
Which of the following has the GREATEST influence on an organization's information security strategy?
An organization needs to comply with new security incident response requirements. Which of the following should the information security manager do FIRST?
An information security manager has been notified about a compromised endpoint device. Which of the following is the BEST course of action to prevent further damage?
Which of the following should be the PRIMARY area of focus when mitigating security risks associated with emerging technologies?
When defining a security baseline, it is MOST important that the baseline:
An employee clicked on a malicious link in an email that resulted in compromising company data. What is the BEST way to mitigate this risk in the future?
Which of the following is MOST helpful for determining which information security policies should be implemented by an organization?
What is the PRIMARY objective of implementing standard security configurations?
Which of the following provides the BEST indication of the return on information security investment?
Which of the following is the BEST approach for managing user access permissions to ensure alignment with data classification?
Which of the following provides the MOST comprehensive understanding of an organization's information security posture?
Which of the following should be done FIRST when a SIEM flags a potential event?
Which of the following is MOST important when designing security controls for new cloud-based services?
A KEY consideration in the use of quantitative risk analysis is that it:
A new information security manager finds that the organization tends to use short-term solutions to address problems. Resource allocation and spending are not effectively tracked, and there is no assurance that compliance requirements are being met. What should be done FIRST to reverse this bottom-up approach to security?
Which of the following is MOST important to ensuring that incident management plans are executed effectively?
Which of the following is MOST important to have in place when conducting a security control assessment of a system?
Which of the following is the MOST effective way to influence organizational culture to align with security guidelines?
Recovery time objectives (RTOs) are BEST determined by:
Which of the following is an information security manager's BEST recommendation to senior management following a breach at the organization's Software as a Service (SaaS) vendor?
Which of the following is the MOST important consideration when defining control objectives?
Which of the following is MOST important to determine following the discovery and eradication of a malware attack?
Which of the following is CRITICAL to ensure the appropriate stakeholder makes decisions during a cybersecurity incident?
Which of the following is MOST important to include in an information security status report to senior management?
Which of the following is the BEST indication of an effective information security awareness training program?
Which of the following would be the GREATEST threat posed by a distributed denial of service (DDoS) attack on a public-facing web server?
Which of the following is MOST important to include in an information security strategy?
A risk assessment exercise has identified the threat of a denial of service (DoS) attack. Executive management has decided to take no further action related to this risk. The MOST likely reason for this decision is:
What should be the GREATEST concern for an information security manager of a large multinational organization when outsourcing data processing to a cloud service provider?
Which of the following is the PRIMARY benefit of implementing a vulnerability assessment process?
A project team member notifies the information security manager of a potential security risk that has not been included in the risk register. Which of the following should the information security manager do FIRST?
Management has announced the acquisition of a new company. The information security manager of the parent company is concerned that conflicting access rights may cause critical information to be exposed during the integration of the two companies. To BEST address this concern, the information security manager should:
Which of the following is the BEST method for determining whether new risks exist in legacy systems?
Which of the following is the BEST indicator of the maturity level of a vendor risk management process?
Which of the following is the BEST way to address data availability concerns when outsourcing information security administration?
In which cloud model does the cloud service buyer assume the MOST security responsibility?
Which of the following service offerings in a typical Infrastructure as a Service (IaaS) model will BEST enable a cloud service provider to assist customers when recovering from a security incident?
An information security manager learns that business unit leaders are encouraging increased use of social media platforms to reach customers. Which of the following should be done FIRST to help mitigate the risk of confidential information being disclosed by employees on social media?
A recent audit found that an organization's new user accounts are not set up uniformly. Which of the following is MOST important for the information security manager to review?
Which of the following is the MOST appropriate metric to demonstrate the effectiveness of information security controls to senior management?
Which of the following BEST illustrates residual risk within an organization?
Which of the following should be established FIRST when implementing an information security governance framework?
Which of the following should an information security manager do FIRST upon learning that some security hardening settings may negatively impact future business activity?
Which of the following has the GREATEST impact on efforts to improve an organization's security posture?
Which of the following has the GREATEST influence on the successful integration of information security within the business?
Which of the following should an organization do FIRST upon learning that a subsidiary is located in a country where civil unrest has just begun?
An organization requires that business-critical applications be recovered within 30 minutes in the event of a disaster. Which of the following metrics should be in the business continuity plan (BCP) to manage this requirement?
A department has reported that a security control is no longer effective. Which of the following is the information security manager's BEST course of action?
To effectively manage an organization's information security risk, it is MOST important to:
Which of the following is the BEST method to protect the confidentiality of data transmitted over the Internet?
Which of the following BEST facilitates the reporting of useful information about the effectiveness of the information security program?
Which of the following is the PRIMARY impact of organizational culture on the effectiveness of an information security program?
Which type of plan is PRIMARILY intended to reduce the potential impact of security events that may occur?
Which of the following is the PRIMARY reason to use a phased incident recovery approach?
A security incident has been reported within an organization. When should an information security manager contact the information owner?
An information security manager is alerted to multiple security incidents across different business units, with unauthorized access to sensitive data and potential data exfiltration from critical systems. Which of the following is the BEST course of action to appropriately classify and prioritize these incidents?
Which of the following is MOST important for the information security manager to include when presenting changes in the security risk profile to senior management?
Which of the following BEST enables the assignment of risk and control ownership?
Which of the following should an information security manager do FIRST after identifying suspicious activity on a PC that is not in the organization's IT asset inventory?
Which of the following is MOST important to ensure incident management readiness?
Which of the following should be the FIRST step to gain approval for outsourcing to address a security gap?
An employee who is a remote user has copied financial data from the corporate server to a laptop using virtual private network (VPN) connectivity. Which of the following is the MOST important factor to determine if it should be classified as a data leakage incident?
Which of the following is the BEST indication of effective information security governance?
An organization involved in e-commerce activities operating from its home country opened a new office in another country with stringent security laws. In this scenario, the overall security strategy should be based on:
Which of the following is MOST important for the successful implementation of an incident response plan?
When remote access to confidential information is granted to a vendor for analytic purposes, which of the following is the MOST important security consideration?
Which of the following would be MOST useful to a newly hired information security manager who has been tasked with developing and implementing an information security strategy?
During which of the following development phases is it MOST challenging to implement security controls?
Once a suite of security controls has been successfully implemented for an organization's business units, it is MOST important for the information security manager to:
Which of the following is the PRIMARY reason to involve stakeholders from various business units when developing an information security policy?
Which of the following BEST enables an organization to maintain an appropriate security control environment?
Which of the following is the BEST way to ensure data is not co-mingled or exposed when using a cloud service provider?
An organization faces severe fines and penalties if not in compliance with local regulatory requirements by an established deadline. Senior management has asked the information security manager to prepare an action plan to achieve compliance. Which of the following would provide the MOST useful information for planning purposes?
Which of the following BEST indicates that information assets are classified accurately?
During the selection of a Software as a Service (SaaS) vendor for a business process, the vendor provides evidence of a globally accepted information security certification. Which of the following is the MOST important consideration?
Which of the following should an information security manager do FIRST upon confirming a privileged user's unauthorized modifications to a security application?
Which of the following is the MOST important outcome of a post-incident review?
Which of the following is the PRIMARY objective of incident triage?
Which of the following is BEST used to determine the maturity of an information security program?
A security review identifies that confidential information on the file server has been accessed by unauthorized users in the organization. Which of the following should the information security manager do FIRST?
Which of the following should be an information security manager's PRIMARY concern when an organization is expanding business to a new country?
Which of the following is the MOST important reason to involve external forensics experts in evidence collection when responding to a major security breach?
Which of the following should be the FIRST step when performing triage of a malware incident?
Predetermined containment methods to be used in a cybersecurity incident response should be based PRIMARILY on the:
Which of the following is the BEST starting point for a newly hired information security manager who has been tasked with identifying and addressing network vulnerabilities?
An information security manager has learned of an increasing trend in attacks that use phishing emails impersonating an organization's CEO in an attempt to commit wire transfer fraud. Which of the following is the BEST way to reduce the risk associated with this type of attack?
The PRIMARY purpose for continuous monitoring of security controls is to ensure:
A business continuity plan (BCP) should contain:
An incident response plan is being developed for servers hosting sensitive information. In the event of a breach, who should make the decision to shut down the system?
Which of the following MUST happen immediately following the identification of a malware incident?
Which of the following is the BEST way to assess the risk associated with using a Software as a Service (SaaS) vendor?
What is the PRIMARY benefit to an organization when information security program requirements are aligned with employment and staffing processes?
An organization's information security team presented the risk register at a recent information security steering committee meeting. Which of the following should be of MOST concern to the committee?
Which of the following should an information security manager do FIRST after discovering that a business unit has implemented a newly purchased application and bypassed the change management process?
Which of the following processes is MOST important for the success of a business continuity plan (BCP)?
Which of the following would BEST ensure that security is integrated during application development?
A risk owner has accepted a large amount of risk due to the high cost of controls. Which of the following should be the information security manager's PRIMARY focus in this situation?
Which of the following should be the GREATEST concern for an information security manager when an annual audit reveals the organization's business continuity plan (BCP) has not been reviewed or updated in more than a year?
Data classification is PRIMARILY the responsibility of:
A proposal designed to gain buy-in from senior management for a new security project will be MOST effective if it includes:
Which of the following should be the FIRST consideration when developing a strategy for protecting an organization's data?
What will BEST facilitate the success of new security initiatives?
An information security manager notes that security incidents are not being appropriately escalated by the help desk after tickets are logged. Which of the following is the BEST automated control to resolve this issue?
An information security team is planning a security assessment of an existing vendor. Which of the following approaches is MOST helpful for properly scoping the assessment?
An organization is about to purchase a rival organization. The PRIMARY reason for performing information security due diligence prior to making the purchase is to:
Which of the following is MOST useful to an information security manager when determining the need to escalate an incident to senior management?
Which of the following is the BEST justification for making a revision to a password policy?
Which of the following is the BEST way to determine the gap between the present and desired state of an information security program?
Which of the following is the MOST important issue in a penetration test?
When performing a business impact analysis (BIA), who should be responsible for determining the initial recovery time objective (RTO)?
Which of the following is the PRIMARY reason for granting a security exception?
Which of the following is the BEST way to prevent insider threats?
Which of the following is the BEST tool to monitor the effectiveness of information security governance?
An organization is leveraging tablets to replace desktop computers shared by shift-based staff. These tablets contain critical business data and are inherently at increased risk of theft. Which of the following will BEST help to mitigate this risk?
An organization implemented a number of technical and administrative controls to mitigate risk associated with ransomware. Which of the following is MOST important to present to senior management when reporting on the performance of this initiative?
Which of the following BEST enables the capability of an organization to sustain the delivery of products and services within acceptable time frames and at predefined capacity during a disruption?
Which of the following is the BEST course of action if the business activity residual risk is lower than the acceptable risk level?
Which of the following has the GREATEST impact on the effectiveness of an organization’s security posture?
An organization is in the process of acquiring a new company. Which of the following would be the BEST approach to determine how to protect newly acquired data assets prior to integration?
Which of the following roles is PRIMARILY responsible for developing an information classification framework based on business needs?
An organization is going through a digital transformation process, which places the IT organization in an unfamiliar risk landscape. The information security manager has been tasked with leading the IT risk management process. Which of the following should be given the HIGHEST priority?
Which of the following BEST enables an organization to determine the costs of downtime for a critical application?
Which of the following will BEST facilitate the integration of information security governance into enterprise governance?
Which of the following should be an information security manager's FIRST course of action when one of the organization's critical third-party providers experiences a data breach?
Reverse lookups can be used to prevent successful:
During the due diligence phase of an acquisition, the MOST important course of action for an information security manager is to:
Which of the following should be done FIRST to prioritize response to incidents?
A PRIMARY benefit of adopting an information security framework is that it provides:
Which of the following BEST facilitates effective strategic alignment of security initiatives?
An organization permits the storage and use of its critical and sensitive information on employee-owned smartphones. Which of the following is the BEST security control?
Which of the following is the BEST course of action when an online company discovers a network attack in progress?
Which of the following devices, when placed in a demilitarized zone (DMZ), would be considered the MOST significant exposure?
Which of the following is the responsibility of a risk owner?
Which of the following has the MOST influence on the inherent risk of an information asset?
Which of the following is ESSENTIAL to ensuring effective incident response?
In a cloud technology environment, which of the following would pose the GREATEST challenge to the investigation of security incidents?
Which of the following is the PRIMARY objective of a cyber resilience strategy?
An organization's quality process can BEST support security management by providing:
In a call center, the BEST reason to conduct social engineering is to:
Which of the following is the BEST method to ensure compliance with password standards?
An incident management team is alerted to a suspected security event. Before classifying the suspected event as a security incident, it is MOST important for the security manager to:
Penetration testing is MOST appropriate when a:
Which of the following backup methods requires the MOST time to restore data for an application?
The MOST important element in achieving executive commitment to an information security governance program is:
A global organization is considering its geopolitical security risks. Which of the following is the information security manager's BEST approach?
A financial company executive is concerned about recently increasing cyberattacks and needs to take action to reduce risk. The organization would BEST respond by:
Which of the following is MOST important to include in a report to key stakeholders regarding the effectiveness of an information security program?
Of the following, who is BEST positioned to be accountable for risk acceptance decisions based on risk appetite?
Regular vulnerability scanning on an organization's internal network has identified that many user workstations have unpatched versions of software. What is the BEST way for the information security manager to help senior management understand the related risk?
The PRIMARY objective of a post-incident review of an information security incident is to:
An incident response team has established that an application has been breached. Which of the following should be done NEXT?
Which of the following is the MOST critical input to developing policies, standards, and procedures to secure information assets?
Which of the following should be the FIRST step in patch management procedures when receiving an emergency security patch?
During the initiation phase of the system development life cycle (SDLC) for a software project, information security activities should address:
An employee clicked on a link in a phishing email, triggering a ransomware attack. Which of the following should be the information security?
Which of the following will have the GREATEST influence on the successful adoption of an information security governance program?
An information security manager learns through a threat intelligence service that the organization may be targeted for a major emerging threat. Which of the following is the information security manager's FIRST course of action?
Which of the following should be updated FIRST to account for new regulatory requirements that impact current information security controls?
Which of the following MUST be defined in order for an information security manager to evaluate the appropriateness of controls currently in place?
Which of the following is the BEST technical defense against unauthorized access to a corporate network through social engineering?
A finance department director has decided to outsource the organization's budget application and has identified potential providers. Which of the following actions should be initiated FIRST by the information security manager?
Which of the following BEST ensures information security governance is aligned with corporate governance?
Which of the following is BEST to include in a business case when the return on investment (ROI) for an information security initiative is difficult to calculate?
Which of the following is the MOST effective way to ensure information security policies are understood?
Which of the following is the PRIMARY reason that an information security manager should restrict the use of generic administrator accounts in a multi-user environment?
A business requires a legacy version of an application to operate but the application cannot be patched. To limit the risk exposure to the business, a firewall is implemented in front of the legacy application. Which risk treatment option has been applied?
Which of the following MUST be established to maintain an effective information security governance framework?
Which of the following provides the MOST effective response against ransomware attacks?
Which of the following is the PRIMARY benefit of training service desk staff to recognize incidents?
Which of the following BEST determines the allocation of resources during a security incident response?
Which of the following is the MOST effective way to ensure the security of services and solutions delivered by third-party vendors?
Which of the following would BEST enable the timely execution of an incident response plan?
An organization is experiencing a sharp increase in incidents related to phishing messages. The root cause is an outdated email filtering system that is no longer supported by the vendor. Which of the following should be the information security manager's FIRST course of action?
An information security manager has identified that security risks are not being treated in a timely manner. Which of the following
An information security manager wants to document requirements detailing the minimum security controls required for user workstations. Which of the following resources would be MOST appropriate for this purpose?
A multinational organization is required to follow governmental regulations with different security requirements at each of its operating locations. The chief information security officer (CISO) should be MOST concerned with:
An information security manager is assessing security risk associated with a cloud service provider. Which of the following is the MOST appropriate reference to consult when performing this assessment?
Which of the following is the BEST option to lower the cost to implement application security controls?
When testing an incident response plan for recovery from a ransomware attack, which of the following is MOST important to verify?
The PRIMARY reason to properly classify information assets is to determine:
The ULTIMATE responsibility for ensuring the objectives of an information security framework are being met belongs to:
The BEST way to report to the board on the effectiveness of the information security program is to present:
Which of the following should an information security manager do FIRST upon learning that a competitor has experienced a ransomware attack?
Which of the following is MOST important to consider when defining control objectives?
Which of the following would provide the MOST value to senior management when presenting the results of a risk assessment?
When developing security processes for handling credit card data on the business unit's information system, the information security manager should FIRST:
Which of the following would BEST guide the development and maintenance of an information security program?
Which of the following is the PRIMARY preventive method to mitigate risks associated with privileged accounts?
Which of the following business units should own the data that populates an identity management system?
Which of the following is the BEST reason for senior management to support a business case for developing a monitoring system for a critical application?
Which of the following activities MUST be performed by an information security manager for change requests?
A critical server for a hospital has been encrypted by ransomware. The hospital is unable to function effectively without this server. Which of the following would MOST effectively allow the hospital to avoid paying the ransom?
Which of the following is MOST important to consider when determining asset valuation?
Which of the following is the BEST way to obtain organization-wide support for an information security program?
Who has the PRIMARY authority to decide if additional risk treatments are required to mitigate an identified risk?
Which of the following is the MOST important consideration when establishing an organization's information security governance committee?
Which of the following BEST indicates misalignment of security policies with business objectives?
Which of the following is the BEST way to achieve compliance with new global regulations related to the protection of personal information?
What is the MOST important consideration when establishing metrics for reporting to the information security strategy committee?
Which of the following is MOST effective in monitoring an organization's existing risk?
Threat and vulnerability assessments are important PRIMARILY because they are:
A business continuity plan (BCP) should contain:
An organization is planning to outsource network management to a service provider. Including which of the following in the contract would be the MOST effective way to mitigate information security risk?
The BEST way to integrate information security governance with corporate governance is to ensure:
When determining an acceptable risk level, which of the following is the MOST important consideration?
Which of the following is the BEST approach to reduce unnecessary duplication of compliance activities?
How does an incident response team BEST leverage the results of a business impact analysis (BIA)?
In violation of a policy prohibiting the use of cameras at the office, employees have been issued smartphones and tablet computers with enabled web cameras. Which of the following should be the information security manager's FIRST course of action?
Which of the following is the BEST indicator of a successful intrusion into an organization's systems?
An incident response team recently encountered an unfamiliar type of cyber event. Though the team was able to resolve the issue, it took a significant amount of time to identify. What is the BEST way to help ensure similar incidents are identified more quickly in the future?