The single most important consideration to make when developing your security program, policies, and processes is:

• A.Budgeting for unforeseen data compromises
• B.Alignment with the business
• C.Streaming for efficiency
• D.Establishing your authority as the Security Executive

Comment: *

Name: *

Email: *

Verification: *

Which of the following functions evaluates patches used to close software vulnerabilities of new systems to assure compliance with policy when implementing an information security program?

• A.Risk assessment
• B.Planning
• C.System testing
• D.Incident response

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important reason to measure the effectiveness of an Information Security Management System (ISMS)?

• A.Better understand the threats and vulnerabilities affecting the environment
• B.Better understand strengths and weakness of the program
• C.Meet regulatory compliance requirements
• D.Meet legal requirements

Comment: *

Name: *

Email: *

Verification: *

Knowing the potential financial loss an organization is willing to suffer if a system fails is a determination of which of the following?

• A.Business continuity
• B.Risk appetite
• C.Likelihood of impact
• D.Cost benefit

Comment: *

Name: *

Email: *

Verification: *

What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?

• A.Evaluate risk avoidance criteria
• B.Determine appetite
• C.Mitigate risk
• D.Perform a risk assessment

Comment: *

Name: *

Email: *

Verification: *