When choosing a risk mitigation method what is the MOST important factor?

• A.Cost of the mitigation is less than the risk
• B.Metrics of mitigation method success
• C.Mitigation method complies with PCI regulations
• D.Approval from the board of directors

Comment: *

Name: *

Email: *

Verification: *

To get an Information Security project back on schedule, which of the following will provide the MOST help?

• A.Extend work hours
• B.More frequent project milestone meetings
• C.Upper management support
• D.Stakeholder support

Comment: *

Name: *

Email: *

Verification: *

The establishment of a formal risk management framework and system authorization program is essential. The LAST step of the system authorization process is:

• A.Changing the default passwords
• B.Contacting the Internet Service Provider for an IP scope
• C.Getting authority to operate the system from executive management
• D.Conducting a final scan of the live system and mitigating all high and medium level vulnerabilities

Comment: *

Name: *

Email: *

Verification: *

An organization's firewall technology needs replaced. A specific technology has been selected that is less costly than others and lacking in some important capabilities. The security officer has voiced concerns about sensitive data breaches but the decision is made to purchase. What does this selection indicate?

• A.A high risk tolerance environment
• B.A low risk tolerance environment
• C.I low vulnerability environment
• D.A high threat environment

Comment: *

Name: *

Email: *

Verification: *

While designing a secondary data center for your company what document needs to be analyzed to determine to how much should be spent on building the data center?

• A.Enterprise Risk Assessment
• B.Disaster recovery strategic plan
• C.Application mapping document
• D.Business continuity plan

Comment: *

Name: *

Email: *

Verification: *