Which of the following activities results in change requests?

• A.Defect repair
• B.Preventive actions
• C.Inspection
• D.Corrective actions

Comment: *

Name: *

Email: *

Verification: *

Scenario: You are the CISO and have just completed your first risk assessment for your organization. You find many risks with no security controls, and some risks with inadequate controls. You assign work to your staff to create or adjust existing security controls to ensure they are adequate for risk mitigation needs.
When formulating the remediation plan, what is a required input?

• A.Board of directors
• B.Risk assessment
• C.Patching history
• D.Latest virus definitions file

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a symmetric encryption algorithm?

• A.ECC
• B.3DES
• C.MD5
• D.RSA

Comment: *

Name: *

Email: *

Verification: *

Which of the following activities is the MAIN purpose of the risk assessment process?

• A.Classifying and organizing information assets into meaningful groups
• B.Creating an inventory of information assets
• C.Assigning value to each information asset
• D.Calculating the risks to which assets are exposed in their current setting

Comment: *

Name: *

Email: *

Verification: *

Which of the following conditions would be the MOST probable reason for a security project to be rejected by the executive board of an organization?

• A.The Net Present Value (NPV) of the project is positive
• B.The NPV of the project is negative
• C.The Return on Investment (ROI) is larger than 10 months
• D.The ROI is lower than 10 months

Comment: *

Name: *

Email: *

Verification: *