Question 56
The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?
Question 57
In accordance with best practices and international standards, how often is security awareness training provided to employees of an organization?
Question 58
The new CISO was informed of all the Information Security projects that the organization has in progress. Two projects are over a year behind schedule and over budget. Using best business practices for project management, you determine that the project correctly aligns with the company goals.
Which of the following needs to be performed NEXT?
Question 59
How often should an environment be monitored for cyber threats, risks, and exposures?
Question 60
Which of the following are primary concerns for management with regard to assessing internal control objectives?
