Payment Card Industry (PCI) compliance requirements are based on what criteria?

• A.The types of cardholder data retained
• B.The size of the organization processing credit card data
• C.The duration card holder data is retained
• D.The number of transactions performed per year by an organization

Comment: *

Name: *

Email: *

Verification: *

What is the primary reason for performing vendor management?

• A.To establish a vendor selection process
• B.To understand the risk coverage that are being mitigated by the vendor
• C.To define the partnership for long-term success
• D.To document the relationship between the company and the vendor

Comment: *

Name: *

Email: *

Verification: *

Acme Inc. has engaged a third party vendor to provide 99.999% up-time for their online web presence and had them contractually agree to this service level agreement. What type of risk tolerance is Acme exhibiting?
(choose the BEST answer):

• A.low risk-tolerance
• B.medium-high risk-tolerance
• C.moderate risk-tolerance
• D.high risk-tolerance

Comment: *

Name: *

Email: *

Verification: *

At which point should the identity access management team be notified of the termination of an employee?

• A.During the monthly review cycle
• B.At the end of the day once the employee is off site
• C.Immediately so the employee account(s) can be disabled
• D.Before an audit

Comment: *

Name: *

Email: *

Verification: *

A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?

• A.Create a comprehensive security awareness program and provide success metrics to business units
• B.Leveraging existing implementations
• C.Effective use of existing technologies
• D.Proper budget management

Comment: *

Name: *

Email: *

Verification: *