Which of the following can the company implement in order to avoid this type of security issue in the future?

• A.A risk management process
• B.A security training program for developers
• C.A audit management process
• D.Network based intrusion detection systems

Comment: *

Name: *

Email: *

Verification: *

The purpose of NIST SP 800-53 as part of the NIST System Certification and Accreditation Project is to establish a set of standardized, minimum security controls for IT systems
addressing low, moderate, and high levels of concern for

• A.Confidentiality, Integrity and Availability
• B.Integrity and Availability
• C.Assurance, Compliance and Availability
• D.International Compliance

Comment: *

Name: *

Email: *

Verification: *

When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?

• A.Support from Legal and HR teams
• B.Alignment of security goals with business goals
• C.An independent Governance, Risk and Compliance organization
• D.Compliance with local privacy regulations

Comment: *

Name: *

Email: *

Verification: *

As the Chief Information Security Officer, you are performing an assessment of security posture to understand what your Defense-in-Depth capabilities are. Which network security technology examines network traffic flows to detect and actively stop vulnerability exploits and attacks?

• A.Port Security
• B.Intrusion Prevention System
• C.Anti-virus
• D.Gigamon

Comment: *

Name: *

Email: *

Verification: *

One of the MAIN goals of a Business Continuity Plan is to

• A.Ensure all infrastructure and applications are available in the event of a disaster
• B.Provide step by step plans to recover business processes in the event of a disaster
• C.Assign responsibilities to the technical teams responsible for the recovery of all data.
• D.Allow all technical first-responders to understand their roles in the event of a disaster

Comment: *

Name: *

Email: *

Verification: *