When a critical vulnerability has been discovered on production systems and needs to be fixed immediately, what is the BEST approach for a CISO to mitigate the vulnerability under tight budget constraints?

• A.Take the system off line until the budget is available
• B.Deploy countermeasures and compensating controls until the budget is available
• C.Schedule an emergency meeting and request the funding to fix the issue
• D.Transfer financial resources from other critical programs

Comment: *

Name: *

Email: *

Verification: *

The success of the Chief Information Security Officer is MOST dependent upon:

• A.raising awareness of security issues with end users
• B.favorable audit findings
• C.following the recommendations of consultants and contractors
• D.development of relationships with organization executives

Comment: *

Name: *

Email: *

Verification: *

What is the BEST reason for having a formal request for proposal process?

• A.Creates a timeline for purchasing and budgeting
• B.Informs suppliers a company is going to make a purchase
• C.Allows small companies to compete with larger companies
• D.Clearly identifies risks and benefits before funding is spent

Comment: *

Name: *

Email: *

Verification: *

What is the MOST critical output of the incident response process?

• A.Clearly defined documents detailing standard evidence collection and preservation processes
• B.Recovery of all data from affected systems
• C.A complete document of all involved team members and the support they provided
• D.Lessons learned from the incident, so they can be incorporated into the incident response processes

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a symmetric encryption algorithm?

• A.ECC
• B.MD5
• C.3DES
• D.RSA

Comment: *

Name: *

Email: *

Verification: *