An organization has suffered from a large-scale security event impacting a critical system. Following the decision to restore the system at an alternate location, which plan should be invoked?
Which of the following is MOST important when developing an AI security awareness program?
Which of the following is the PRIMARY reason to assign a risk owner in an organization?
Which type of test is MOST effective in communicating the roles of end users to support timely identification and response to information security incidents?
Which of the following is the BEST approach for data owners to use when defining access privileges for users?
Define access privileges based on user roles.
Adopt user account settings recommended by the vendor.
Perform a risk assessment of the users ' access privileges.
Which of the following is the BEST tool to use for identifying and correlating intrusion attempt alerts?
Which of the following should be the GREATEST concern for an information security manager when an annual audit reveals the organization ' s business continuity plan (BCP) has not been reviewed or updated in more than a year?
Which of the following would be MOST helpful to identify worst-case disruption scenarios?
Which of the following is the PRIMARY objective of a business impact analysis (BIA)?
An organization is performing due diligence when selecting a third party. Which of the following is MOST helpful to reduce the risk of unauthorized sharing of information during this process?
An organization is planning to outsource network management to a service provider. Including which of the following in the contract would be the MOST effective way to mitigate information security risk?
Which of the following BEST enables users to recover from ransomware or malware attacks?
When preventive controls to appropriately mitigate risk are not feasible, which of the following is the MOST important action for the information security manager?
Following an unsuccessful denial of service (DoS) attack, identified weaknesses should be:
Which of the following is MOST important when defining how an information security budget should be allocated?
Which of the following should be the PRIMARY objective of an information security governance framework?
Which of the following is the MOST important outcome of effective risk treatment?
Which of the following is ESSENTIAL to ensuring effective incident response?
Which of the following is the MOST effective way to help staff members understand their responsibilities for information security?
A new application has entered the production environment with deficient technical security controls. Which of the following is MOST Likely the root cause?
Which of the following is MOST important to have in place when conducting a security control assessment of a system?
Which of the following is the BEST approach when creating a security policy for a global organization subject to varying laws and regulations?
Which of the following is the PRIMARY reason to regularly update business continuity and disaster recovery documents?
Which of the following is the PRIMARY reason to review the firewall logs when an external network-based attack is reported by the intrusion detection system (IDS)?
A forensic examination of a PC is required, but the PC has been switched off. Which of the following should be done FIRST?
The MOST effective tools for responding to new and advanced attacks are those that detect attacks based on:
Which of the following would be MOST effective in gaining senior management approval of security investments in network infrastructure?
To support effective risk decision making, which of the following is MOST important to have in place?
Which of the following is the MOST beneficial outcome of testing an incident response plan?
Which of the following is the FIRST step to establishing an effective information security program?
Which of the following is the MOST critical factor for information security program success?
Which of the following would BEST ensure that security risk assessment is integrated into the life cycle of major IT projects?
Which of the following BEST conveys minimum information security requirements to an organization in alignment with policies?
Which of the following has the MOST influence on the information security investment process?
After logging in to a web application, additional authentication is checked at various application points. Which of the following is the PRIMARY reason for such an approach?
Which of the following is the BEST way to obtain organization-wide support for an information security program?
A new regulatory requirement affecting an organization ' s information security program is released. Which of the following should be the information security manager ' s FIRST course of action?
Which of the following control types should be considered FIRST for aligning employee behavior with an organization ' s information security objectives?
Conducting log analysis falls into which phase of the incident management life cycle?
Which of the following is the MOST important detail to capture in an organization ' s risk register?
Which of the following is MOST important to include in a report to key stakeholders regarding the effectiveness of an information security program?
Which of the following is the MOST appropriate action during the containment phase of a cyber incident response?
Which of the following would provide the MOST effective security outcome in an organizations contract management process?
An incident response team recently encountered an unfamiliar type of cyber event. Though the team was able to resolve the issue, it took a significant amount of time to identify. What is the BEST way to help ensure similar incidents are identified more quickly in the future?
What is the PRIMARY objective of performing a vulnerability assessment following a business system update?
While responding to a high-profile security incident, an information security manager observed several deficiencies in the current incident response plan. When would be the BEST time to update the plan?
Business objectives and organizational risk appetite are MOST useful inputs to the development of information security:
When designing a disaster recovery plan (DRP), which of the following MUST be available in order to prioritize system restoration?
Which of the following is the BEST method for determining whether new risks exist in legacy systems?
To improve the efficiency of the development of a new software application, security requirements should be defined:
When remote access is granted to a company ' s internal network, the MOST important consideration should be that access is provided:
Which of the following BEST prepares a computer incident response team for a variety of information security scenarios?
Which of the following tools would be MOST helpful to an incident response team?
An organization that conducts business globally is planning to utilize a third-party service provider to process payroll information. Which of the following issues poses the GREATEST risk to the organization?
An information security manager has been made aware of a new data protection regulation that will soon go into effect. Which of the following is the BEST way to manage the risk of noncompliance?
Of the following, who is BEST suited to own the risk discovered in an application?
How does an incident response team BEST leverage the results of a business impact analysis (BIA)?
After detecting an advanced persistent threat, which of the following should be the information security manager’s FIRST step?
Which of the following is the PRIMARY purpose of implementing information security standards?
Which of the following is BEST to include in a business case when the return on investment (ROI) for an information security initiative is difficult to calculate?
Of the following, who is MOST appropriate to own the risk associated with the failure of a privileged access control?
Which of the following factors has the GREATEST influence on the successful implementation of information security strategy goals?
To optimize the implementation of information security governance in an organization, an information security manager should:
An information security manager is concerned with continued security policy violations in a particular business unit despite recent efforts to rectify the situation. What is the BEST course of action?
Which of the following is the MOST important reason to conduct interviews as part of the business impact analysis (BIA) process?
When developing an information security strategy for an organization, which of the following is MOST helpful for understanding where to focus efforts?
Which of the following BEST supports information security management in the event of organizational changes in security personnel?
An employee who is a remote user has copied financial data from the corporate server to a laptop using virtual private network (VPN) connectivity. Which of the following is the MOST important factor to determine if it should be classified as a data leakage incident?
An employee has just reported the loss of a personal mobile device containing corporate information. Which of the following should the information security manager do FIRST?
The information security manager of a multinational organization has been asked to consolidate the information security policies of its regional locations. Which of the following would be of
GREATEST concern?
The MOST important information for influencing management’s support of information security is:
Which of the following is MOST important for an information security manager to verify when selecting a third-party forensics provider?
Which of the following is the GREATEST benefit of including incident classification criteria within an incident response plan?
Which of the following would BEST enable a new information security manager to obtain senior management support for an information security governance program?
An organization is MOST likely to accept the risk of noncompliance with a new regulatory requirement when:
A project team member notifies the information security manager of a potential security risk that has not been included in the risk register. Which of the following should the information security manager do FIRST?
Which of the following is the MOST important consideration when attempting to create a security-focused culture?
Which of the following security initiatives should be the FIRST step in helping an organization maintain compliance with privacy regulations?
Which of the following should an information security manager do FIRST when creating an organization ' s disaster recovery plan (DRP)?
An information security policy was amended recently to support an organization ' s new information security strategy. Which of the following should be the information security manager ' s NEXT step?
Which of the following is the BEST indication of a mature information security program?
Which of the following is a PRIMARY reason for senior management to review reports on information security?
Which of the following is the BEST indicator of an organization ' s information security status?
When defining a security baseline, it is MOST important that the baseline:
Which of the following elements of a service contract would BEST enable an organization to monitor the information security risk associated with a cloud service provider?
A critical server for a hospital has been encrypted by ransomware. The hospital is unable to function effectively without this server Which of the following would MOST effectively allow the hospital to avoid paying the ransom?
Which of the following should be done FIRST to determine the impact of a new regulatory requirement for cloud services?
Which of the following is the PRIMARY benefit of a vulnerability scanning tool to an organization?
For the information security manager, integrating the various assurance functions of an organization is important PRIMARILY to enable:
A finance department director has decided to outsource the organization ' s budget application and has identified potential providers. Which of the following actions should be initiated FIRST by IN information security manager?
Which of the following BEST ensures information security governance is aligned with corporate governance?
Which of the following is the GREATEST concern with implementing all controls recommended by a security framework?
Which of the following processes BEST supports the evaluation of incident response effectiveness?
Which of the following is the MOST important consideration when defining control objectives?
A financial institution is planning to develop a new mobile application. Which of the following is the BEST time to begin assessments of the application ' s security compliance?
Which of the following is the PRIMARY responsibility of an information security manager in an organization that is implementing the use of company-owned mobile devices in its operations?
When drafting the corporate privacy statement for a public website, which of the following MUST be included?
Which of the following should be an information security manager s MOST important consideration when determining the priority for implementing security controls?
An information security manager notes that security incidents are not being appropriately escalated by the help desk after tickets are logged. Which of the following is the BEST automated control to resolve this issue?
To ensure the information security of outsourced IT services, which of the following is the MOST critical due diligence activity?
Which of the following should occur FIRST in the process of managing security risk associated with the transfer of data from unsupported legacy systems to supported systems?
A penetration test was conducted by an accredited third party. Which of the following should be the information security manager ' s FIRST course of action?
Which of the following should an organization do FIRST upon learning that a subsidiary is located in a country where civil unrest has just begun?
Which of the following is a function of the information security steering committee?
Which of the following roles is MOST appropriate to determine access rights for specific users of an application?
Which of the following BEST enables an organization to maintain legally admissible evidence7
During which phase of a security event should an incident response team be INITIALLY engaged?
Which of the following BEST indicates misalignment of security policies with business objectives?
An organization requires that business-critical applications be recovered within 30 minutes in the event of a disaster. Which of the following metrics should be defined in the business continuity plan (BCP) to manage this requirement?
An information security manager finds a legacy application has no defined data owner. Of the following, who would be MOST helpful in identifying the appropriate data owner?
Determining the risk for a particular threat/vulnerability pair before controls are applied can be expressed as:
Which of the following is MOST important for an information security manager to consider when developing a business continuity plan (BCP) for ransomware attacks?
Which of the following is the BEST way to help ensure alignment of the information security program with organizational objectives?
An information security team has discovered that users are sharing a login account to an application with sensitive information, in violation of the access policy. Business management indicates that the practice creates operational efficiencies. What is the information security manager ' s BEST course of action?
Which of the following is the PRIMARY responsibility of an information security governance committee?
Which of the following is the BEST reason to implement a comprehensive information security management system?
To ensure continuous alignment with the organizational strategy
To gain senior management support for the information security program
To support identification of key risk indicators (KRIs)
Which of the following BEST enables an organization to operate smoothly with reduced capacities when service has been disrupted?
What is the PRIMARY objective of implementing standard security configurations?
Which of the following BEST encourages staff to report issues related to information security?
Which of the following activities is MOST appropriate to conduct during the eradication phase of a cyber incident response?
An organization has identified IT failures in a call center application. Of the following, who should own this risk?
Which of the following would provide the BEST evidence to senior management that security control performance has improved?
Which of the following would be MOST useful when determining the business continuity strategy for a large organization ' s data center?
Implementing the principle of least privilege PRIMARILY requires the identification of:
When performing a business impact analysis (BIA), who should be responsible for determining the initial recovery time objective (RTO)?
Which of the following is MOST important for an information security manager to consider when determining whether data should be stored?
Which of the following BEST enables the design of an effective incident escalation process?
Which of the following BEST demonstrates the added value of an information security program?
Which of the following BEST facilitates the development of a comprehensive information security policy?
Which of the following is the MOST important criterion when deciding whether to accept residual risk?
Which of the following provides the MOST useful information for identifying security control gaps on an application server?
Unintentional behavior by an employee caused a major data loss incident. Which of the following is the BEST way for the information security manager to prevent recurrence within the organization?
Which type of recovery site is MOST reliable and can support stringent recovery requirements?
Which of the following should an information security manager do FIRST upon learning that a competitor has experienced a ransomware attack?
A new risk has been identified in a high availability system. The BEST course of action is to:
Which of the following BEST supports effective communication during information security incidents?
Which of the following BEST mitigates the risk of information loss caused by a cloud service provider becoming insolvent?
Regular vulnerability scanning on an organization ' s internal network has identified that many user workstations have unpatched versions of software. What is the BEST way for the information security manager to help senior management understand the related risk?
A global organization is considering its geopolitical security risks. Which of the following is the information security manager ' s BEST approach?
When investigating an information security incident, details of the incident should be shared:
Which of the following BEST enables the restoration of operations after a limited ransomware incident occurs?
When an organization lacks internal expertise to conduct highly technical forensics investigations, what is the BEST way to ensure effective and timely investigations following an information security incident?
Which of the following presents the GREATEST challenge to a large multinational organization using an automated identity and access management (1AM) system?
In the absence of technical controls, what would be the BEST way to reduce unauthorized text messaging on company-supplied mobile devices?
Which of the following BEST enables the assignment of risk and control ownership?
What should be an information security manager ' s MOST important consideration when developing a multi-year plan?
Which of the following is MOST important to the effectiveness of an information security steering committee?
As part of a risk assessment, a security control was discovered to be inadequate. When assigning a risk owner, which of the following attributes is MOST important to consider?
Which of the following is MOST important for an information security manager to consider when identifying information security resource requirements?
Which of the following is the PRIMARY objective of testing security controls within a critical infrastructure?
Which of the following should be the PRIMARY objective of the information security incident response process?
Which of the following would MOST effectively ensure that a new server is appropriately secured?
Which of the following will ensure confidentiality of content when accessing an email system over the Internet?
Which of the following is the BEST indicator of a successful intrusion into an organization ' s systems?
Which of the following is the MOST essential element of an information security program?
Which of the following is the BEST approach to make strategic information security decisions?
Management would like to understand the risk associated with engaging an Infrastructure-as-a-Service (laaS) provider compared to hosting internally. Which of the following would provide the BEST method of comparing risk scenarios?
Which of the following should an information security manager do FIRST when there is a conflict between the organization ' s information security policy and a local regulation?
Which of the following should have the MOST influence on an organization ' s response to a new industry regulation?
An organization’s human resources department is planning to migrate a legacy application to a new application in the cloud. What is the BEST way for the information security manager to support this effort?
The MAIN benefit of implementing a data loss prevention (DLP) solution is to:
Which of the following BEST helps to ensure the effective execution of an organization ' s disaster recovery plan (DRP)?
An organization finds it necessary to quickly shift to a work-fromhome model with an increased need for remote access security.
Which of the following should be given immediate focus?
Which of the following is the MOST effective way to detect information security incidents?
When collecting admissible evidence, which of the following is the MOST important requirement?
Which of the following is the MOST effective way to help assure the integrity of an organization’s accounting system?
Which of the following is MOST critical when creating an incident response plan?
Which of the following should be the FIRST step to gain approval for outsourcing to address a security gap?
An organization involved in e-commerce activities operating from its home country opened a new office in another country with stringent security laws. In this scenario, the overall security strategy should be based on:
An information security manager has become aware that system administrators are not changing server administrator accounts from the default usernames. A policy has been created and approved by business managers to require these changes. Which of the following should be the information security manager’s FIRST course of action?
Which of the following presents the GREATEST challenge to the recovery of critical systems and data following a ransomware incident?
Which of the following is the MOST useful input for an information security manager when updating the organization’s security policy?
To ensure that a new application complies with information security policy, the BEST approach is to:
Which of the following processes is MOST important for the success of a business continuity plan (BCP)?
While classifying information assets an information security manager notices that several production databases do not have owners assigned to them What is the BEST way to address this situation?
An organization is transitioning to a Zero Trust architecture. Which of the following is the information security manager ' s BEST approach for communicating the implications of this transition to the board of directors?
Which of the following is MOST helpful to identify whether information security policies have been followed?
The PRIMARY reason for creating a business case when proposing an information security project is to:
Which of the following is the GREATEST benefit resulting from the introduction of data security standards for payment cards?
Which of the following is the MOST important reason to have documented security procedures?
The PRIMARY purpose of implementing information security governance metrics is to:
When developing an asset classification program, which of the following steps should be completed FIRST?
To prepare for a third-party forensics investigation following an incident involving malware, the incident response team should:
Which of the following roles is accountable for ensuring the impact of a new regulatory framework on a business system is assessed?
Which of the following is the BEST way to address data availability concerns when outsourcing information security administration?
Which of the following would be the BEST way to reduce the risk of disruption resulting from an emergency system change?
Which of the following is the BEST approach for managing user access permissions to ensure alignment with data classification?
When assigning a risk owner, the MOST important consideration is to ensure the owner has:
Which of the following is the MOST important requirement for a successful security program?
Prior to implementing a bring your own device (BYOD) program, it is MOST important to:
Which of the following BEST indicates that information assets are classified accurately?
Which of the following is the GREATEST threat posed by quantum computing technology for information security?
Which of the following is the MOST effective way to protect the authenticity of data in transit?
Which of the following is MOST important to include in an information security status report to senior management?
What should be the GREATEST concern for an information security manager of a large multinational organization when outsourcing data processing to a cloud service provider?
Which of the following is MOST important to have in place to help ensure an organization ' s cybersecurity program meets the needs of the business?
Which of the following is MOST important for building 4 robust information security culture within an organization?
Due to specific application requirements, a project team has been granted administrative ponieon GR: is the PRIMARY reason for ensuring clearly defined roles and responsibilities are communicated to these users?
Which of the following should be the PRIMARY basis for determining the value of assets?
Which of the following would BEST ensure that security is integrated during application development?
Which of the following metrics provides the BEST evidence of alignment of information security governance with corporate governance?
Which of the following should be done FIRST after a ransomware incident has been successfully contained?
Which is following should be an information security manager ' s PRIMARY focus during the development of a critical system storing highly confidential data?
Which of the following is the PRIMARY outcome of a business impact analysis (BIA)?
An organization plans to implement a new e-commerce operation in a highly regulated market. Which of the following is MOST important to consider when updating the risk management strategy?
Once a suite of security controls has been successfully implemented for an organization ' s business units, it is MOST important for the information security manager to:
Which of the following is the MAIN feature of a web application firewall?
A security incident has been reported within an organization When should an information security manager contact the information owner?
Which of the following should be an information security manager ' s FIRST course of action when a newly introduced privacy regulation affects the business?
From an information security perspective, legal issues associated with a transborder flow of technology-related items are MOST often
Which of the following would BEST support the business case for an increase in the information security budget?
Which of the following is the GREATEST inherent risk when performing a disaster recovery plan (DRP) test?
Which of the following provides an information security manager with the MOST accurate indication of the organization ' s ability to respond to a cyber attack?
Which of the following is the BEST evidence of alignment between corporate and information security governance?
Which of the following would pose the GREATEST risk to the preparedness of an incident response team?
Which of the following metrics would BEST demonstrate the success of a newly implemented information security framework?
Which of the following is the MOST important benefit of using a cloud access security broker when migrating to a cloud environment?
Which of the following is the MOST effective way to ensure the security of services and solutions delivered by third-party vendors?
An organization requires that business-critical applications be recovered within 30 minutes in the event of a disaster. Which of the following metrics should be in the business continuity plan (BCP) to manage this requirement?
Which of the following has the GREATEST influence on an organization ' s information security strategy?
Which of the following is the PRIMARY preventive method to mitigate risks associated with privileged accounts?
During the due diligence phase of an acquisition, the MOST important course of action for an information security manager is to:
An information security manager is updating the organization ' s incident response plan. Which of the following is the BEST way to validate that the process and procedures provided by IT and business units are complete, accurate, and known by all responsible teams?
When an information security manager presents an information security program status report to senior management, the MAIN focus should be:
A cloud application used by an organization is found to have a serious vulnerability. After assessing the risk, which of the following would be the information security manager ' s BEST course of action?
Which of the following is the PRIMARY reason to conduct a post-incident review?
An organization ' s security policy is to disable access to USB storage devices on laptops and desktops. Which of the following is the STRONGEST justification for granting an exception to the policy?
Which of the following is MOST important for a healthcare organization to address during the requirements gathering phase of AI development?
Which of the following should be the PRIMARY objective when establishing a new information security program?
Which of the following BEST enables an organization to effectively manage emerging cyber risk?
Which of the following should an information security manager do FIRST upon learning that some security hardening settings may negatively impact future business activity?
Which of the following is the GREATEST challenge when developing key risk indicators (KRIs)?
Which of the following would BEST help to ensure appropriate security controls are built into software?
Which of the following should be done FIRST when implementing a security program?
Which of the following will BEST enable an effective information asset classification process?
An organization is in the process of selecting a third party to process customer information. Which of the following provides the BEST evidence that the third party’s controls will operate as required?
Which of the following is MOST important to include in security incident escalation procedures?
Which of the following establishes the minimum technical baseline for security controls?
Which of the following is an information security manager ' s BEST recommendation to senior management following a breach at the organization ' s Software as a Service (SaaS) vendor?
What should be the FIRST step when implementing data loss prevention (DLP) technology?
The PRIMARY advantage of performing black-box control tests as opposed to white-box control tests is that they:
Which of the following BEST facilitates effective strategic alignment of security initiatives?
Which of the following is the MOST important constraint to be considered when developing an information security strategy?
Which of the following documents should contain the INITIAL prioritization of recovery of services?
Which of the following is a prerequisite for formulating a business continuity plan (BCP)?
Which of the following is MOST important to the ongoing success of an information security program?
Which of the following is the BEST course of action if the business activity residual risk is lower than the acceptable risk level?
Which of the following would be MOST important to include in a proposal justifying investments for an organization ' s information security program?
An organization ' s information security team presented the risk register at a recent information security steering committee meeting. Which of the following should be of MOST concern to the committee?
When developing an incident escalation process, the BEST approach is to classify incidents based on:
Which of the following is the MOST important reason to document information security incidents that are reported across the organization?
Which of the following has the GREATEST influence on the successful integration of information security within the business?
Which of the following devices, when placed in a demilitarized zone (DMZ), would be considered the MOST significant exposure?
Which of the following would BEST guide the development and maintenance of an information security program?
The PRIMARY purpose of conducting a business impact analysis (BIA) is to determine the:
Which of the following desired outcomes BEST supports a decision to invest in a new security initiative?
Which of the following should be the PRIMARY goal of information security?
Which of the following is the PRIMARY reason to use a phased incident recovery approach?
Which of the following should be an information security manager ' s FIRST course of action when a potential business breach is discovered in a critical business system?
Which is MOST important to identify when developing an effective information security strategy?
An organization provides notebook PCs, cable wire locks, smartphone access, and virtual private network (VPN) access to its remote employees. Which of the following is MOST important for the information security manager to ensure?
Who is BEST suited to determine how the information in a database should be classified?
How does an organization PRIMARILY benefit from the creation of an information security steering committee?
An organization is considering the feasibility of implementing a big data solution to analyze customer data. In order to support this initiative, the information security manager should FIRST:
Which of the following would BEST enable a new information security manager to assess the current state of information security governance within the organization?
Which of the following tasks should be performed once a disaster recovery plan (DRP) has been developed?
Management of a financial institution accepted an operational risk that consequently led to the temporary deactivation to a critical monitoring process. Which of the following should be the information security manager ' s GREATEST concern with this situation?
An organization is creating a risk mitigation plan that considers redundant power supplies to reduce the business risk associated with critical system outages. Which type of control is being considered?
Which of the following is the PRIMARY reason for granting a security exception?
Which of the following is the BEST source of information to support an organization ' s information security vision and strategy?
Which of the following BEST enables an organization to maintain an appropriate security control environment?
In the context of DevSecOps, which of the following BEST enables the identification of vulnerabilities before software is released?
A hacking group has posted an organization’s employee data on social media. What should the information security manager do FIRST?
The PRIMARY benefit of introducing a single point of administration in network monitoring is that it:
What is the PRIMARY purpose of an unannounced disaster recovery exercise?
An organization uses a security standard that has undergone a major revision by the certifying authority. The old version of the standard will no longer be used for organizations wishing to maintain their certifications. Which of the following should be the FIRST
course of action?
Which of the following provides the BEST assurance that security policies are applied across business operations?
Which of the following is the BEST indication that an organization has a mature information security culture?
Recommendations for enterprise investment in security technology should be PRIMARILY based on:
A business impact analysis (BIA) should be periodically executed PRIMARILY to:
Which of the following should be the FIRST step when performing triage of a malware incident?
Due to changes in an organization ' s environment, security controls may no longer be adequate. What is the information security manager ' s BEST course of action?
When an organization experiences a disruptive event, the business continuity plan (BCP) should be triggered PRIMARILY based on:
An information security manager has become aware that a third-party provider is not in compliance with the statement of work (SOW). Which of the following is the BEST course of action?
A recent audit found that an organization ' s new user accounts are not set up uniformly. Which of the following is MOST important for the information security manager to review?
An organization engages a third-party vendor to monitor and support a financial application under scrutiny by regulators. Which of the following controls would MOST effectively manage risk to the organization?
Which of the following is the BEST way for an information security manager to learn of zero-day vulnerabilities?
Which of the following is BEST used to determine the maturity of an information security program?
A multinational organization is required to follow governmental regulations with different security requirements at each of its operating locations. The chief information security officer (CISO) should be MOST concerned with:
Which of the following BEST enables an organization to determine the costs of downtime for a critical application?
Which is the BEST method to evaluate the effectiveness of an alternate processing site when continuous uptime is required?
Which of the following is the MOST important consideration when briefing executives about the current state of the information security program?
Which of the following is the MOST important factor in an organization ' s selection of a key risk indicator (KRI)?
What should be the PRIMARY objective of an information classification scheme?
An organization plans to utilize Software as a Service (SaaS) and is in the process of selecting a vendor. What should the information security manager do FIRST to support this initiative?
An experienced information security manager joins a new organization and begins by conducting an audit of all key IT processes. Which of the following findings about the vulnerability management program should be of GREATEST concern?
Which of the following MUST be established to maintain an effective information security governance framework?
An information security manager has identified that security risks are not being treated in a timely manner. Which of the following
Which of the following is MOST important when responding to a major securi ty incident?
Which of the following is the FIRST step when conducting a post-incident review?
Which of the following BEST enables the capability of an organization to sustain the delivery of products and services within acceptable time frames and at predefined capacity during a disruption?
What should be an information security manager’s FIRST course of action upon learning a business unit is bypassing an existing control in order to increase operational efficiency?
Which of the following should an information security manager do FIRST when noncompliance with security standards is identified?
A business unit recently integrated the organization ' s new strong password policy into its business application which requires users to reset passwords every 30 days. The help desk is now flooded with password reset requests. Which of the following is the information security manager ' s BEST course of action to address this situation?
Which of the following is the MOST effective way to increase security awareness in an organization?
Which of the following BEST supports the adoption of effective information security practices throughout an organization?
In order to understand an organization ' s security posture, it is MOST important for an organization ' s senior leadership to:
Which of the following principles BEST addresses the protection of data from unauthorized modification?
An online trading company discovers that a network attack has penetrated the firewall. What should be the information security manager ' s FIRST response?
Which of the following is MOST important for the information security manager to include when presenting changes in the security risk profile to senior management?
The MOST appropriate time to conduct a disaster recovery test would be after:
An organization has multiple data repositories across different departments. The information security manager has been tasked with creating an enterprise strategy for protecting data. Which of the following information security initiatives should be the HIGHEST priority for the organization?
The use of a business case to obtain funding for an information security investment is MOST effective when the business case:
The PRIMARY consideration when responding to a ransomware attack should be to ensure:
Which of the following BEST enables an organization to provide ongoing assurance that legal and regulatory compliance requirements can be met?
Which of the following is the PRIMARY purpose of an acceptable use policy?
An information security manager has been tasked with developing materials to update the board, regulatory agencies, and the media about a security incident. Which of the following should the information security manager do FIRST?
Which of the following should be the MOST important consideration of business continuity management?
Which of the following BEST indicates that an information security governance framework has been successfully implemented?
Which of the following metrics would provide an accurate measure of an information security program ' s performance?
What is the BEST way to inform senior management of the value of information security?
Which of the following should be the MOST important consideration when reviewing an information security strategy?
A security review identifies that confidential information on the file server has been accessed by unauthorized users in the organization. Which of the following should the information security manager do FIRST?