An international organization is planning a project to implement encryption technologies to protect company confidential information. This organization has data centers on three continents. Which of the following would be considered a MAJOR constraint for the project?

• A.Compliance to local hiring laws
• B.Encryption import/export regulations
• C.Local customer privacy laws
• D.Time zone differences

Comment: *

Name: *

Email: *

Verification: *

Creating good security metrics is essential for a CISO. What would be the BEST sources for creating security metrics for baseline defenses coverage?

• A.Firewall, exchange, web server, intrusion detection system (IDS)
• B.Firewall, anti-virus console, IDS, syslog
• C.IDS, syslog, router, switches
• D.Servers, routers, switches, modem

Comment: *

Name: *

Email: *

Verification: *

When you develop your audit remediation plan what is the MOST important criteria?

• A.To remediate all of the findings before the next audit.
• B.To validate that the cost of the remediation is less than risk of the finding.
• C.To validate the remediation process with the auditor.
• D.To remediate half of the findings before the next audit.

Comment: *

Name: *

Email: *

Verification: *

Risk that remains after risk mitigation is known as

• A.Non-tolerated risk
• B.Persistent risk
• C.Accepted risk
• D.Residual risk

Comment: *

Name: *

Email: *

Verification: *

An access point (AP) is discovered using Wireless Equivalent Protocol (WEP). The cipher text sent by the AP is encrypted with the same key and cipher used by its stations.
What authentication method is being used?

• A.Open
• B.Asynchronous
• C.None
• D.Shared key

Comment: *

Name: *

Email: *

Verification: *