When you develop your audit remediation plan what is the MOST important criteria?

• A.To remediate half of the findings before the next audit.
• B.To remediate all of the findings before the next audit.
• C.To validate that the cost of the remediation is less than the risk of the finding.
• D.To validate the remediation process with the auditor.

Comment: *

Name: *

Email: *

Verification: *

Creating good security metrics is essential for a CISO. What would be the BEST sources for creating security metrics for baseline defenses coverage?

• A.Firewall, anti-virus console, IDS, syslog
• B.IDS, syslog, router, switches
• C.Firewall, exchange, web server, intrusion detection system (IDS)
• D.Servers, routers, switches, modem

Comment: *

Name: *

Email: *

Verification: *

A person in your security team calls you at night and informs you that one of your web applications is potentially under attack from a cross-site scripting vulnerability. What do you do?

• A.tell him to shut down the server
• B.tell him to analyze the problem, preserve the evidence and provide a full analysis and report
• C.tell him to call the police
• D.tell him to invoke the incident response process

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important component of any change management process?

• A.Scheduling
• B.Outage planning
• C.Back-out procedures
• D.Management approval

Comment: *

Name: *

Email: *

Verification: *

The regular review of a firewall ruleset is considered a

• A.Management control
• B.Technical control
• C.Procedural control
• D.Organization control

Comment: *

Name: *

Email: *

Verification: *