Question 116
Involvement of senior management is MOST important in the development of:
Question 117
A system was hardened at the Operating System level and placed into the production environment. Months later an audit was performed and it identified insecure configuration different from the original hardened state. Which of the following security issues is the MOST likely reason leading to the audit findings?
Question 118
An audit was conducted and many critical applications were found to have no disaster recovery plans in place.
You conduct a Business Impact Analysis (BIA) to determine impact to the company for each application.
What should be the NEXT step?
Question 119
A person in your security team calls you at night and informs you that one of your web applications is potentially under attack from a cross-site scripting vulnerability.
What do you do?
Question 120
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy.
This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?