Scenario: Your program is developed around minimizing risk to information by focusing on people, technology, and operations.
An effective way to evaluate the effectiveness of an information security awareness program for end users, especially senior executives, is to conduct periodic:

• A.Password changes
• B.Scanning for viruses
• C.Controlled spear phishing campaigns
• D.Baselining of computer systems

Comment: *

Name: *

Email: *

Verification: *

Which of the following most commonly falls within the scope of an information security
governance steering committee?

• A.Vetting information security policies
• B.Approving access to critical financial systems
• C.Developing content for security awareness programs
• D.Interviewing candidates for information security specialist positions

Comment: *

Name: *

Email: *

Verification: *

Which of the following statements about Encapsulating Security Payload (ESP) is true?

• A.It uses TCP port 22 as the default port and operates at the application layer.
• B.It is an IPSec protocol.
• C.It is a text-based communication protocol.
• D.It uses UDP port 22

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization's products and services?

• A.Local privacy laws
• B.Financial reporting regulations
• C.Strong authentication technologies
• D.Credit card compliance and regulations

Comment: *

Name: *

Email: *

Verification: *

Regulatory requirements typically force organizations to implement

• A.Mandatory controls
• B.Discretionary controls
• C.Optional controls
• D.Financial controls

Comment: *

Name: *

Email: *

Verification: *