As the CISO you need to write the IT security strategic plan. Which of the following is the MOST important to review before you start writing the plan?

• A.The existing IT environment.
• B.The present IT budget.
• C.The company business plan.
• D.Other corporate technology trends.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important reason to measure the effectiveness of an Information Security Management System (ISMS)?

• A.Better understand strengths and weaknesses of the program
• B.Meet legal requirements
• C.Meet regulatory compliance requirements
• D.Better understand the threats and vulnerabilities affecting the environment

Comment: *

Name: *

Email: *

Verification: *

Who is responsible for securing networks during a security incident?

• A.Incident Response Team (IRT)
• B.Chief Information Security Officer (CISO)
• C.Disaster Recovery (DR) manager
• D.Security Operations Center (SO

Comment: *

Name: *

Email: *

Verification: *

A recent audit has identified a few control exceptions and is recommending the implementation of technology and processes to address the finding. Which of the following is the MOST likely reason for the organization to reject the implementation of the recommended technology and processes?

• A.The auditors have not followed proper auditing processes
• B.The CIO of the organization disagrees with the finding
• C.The risk tolerance of the organization permits this risk
• D.The organization has purchased cyber insurance

Comment: *

Name: *

Email: *

Verification: *

An access point (AP) is discovered using Wireless Equivalent Protocol (WEP). The ciphertext sent by the AP is encrypted with the same key and cipher used by its stations. What authentication method is being used?

• A.Open
• B.Shared key
• C.Asynchronous
• D.None

Comment: *

Name: *

Email: *

Verification: *