Loading of illegal software packages onto a network by an employee is MOST effectively detected by:

• A.diskless workstations.
• B.regular scanning of hard drives
• C.maintaining current antivirus software.
• D.logging of activity on network drives.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the STRONGEST indication of a mature risk management program?

• A.Risk assessment results are used for informed decision-making.
• B.All attributes of risk are evaluated by the risk owner.
• C.A metrics dashboard has been approved by senior management.
• D.The risk register is regularly updated by risk practitioners.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important action to ensure timely detection and triage for potential security incidents within an organization?

• A.Install an agent to forward logs to a security information and event management (SIEM) solution for real-time analysis.
• B.Train help desk staff to identify potential symptoms of security incidents when users initiate service tickets.
• C.Ensure all network components and endpoints are hardened.
• D.Engage a third-party service provider for incident response and forensic investigation.

Comment: *

Name: *

Email: *

Verification: *

When auditing the IT governance of an organization planning to outsource a critical financial application to a cloud vendor, the MOST important consideration for the auditor should be:

• A.the cost of the outsourced system.
• B.alignment with business requirements.
• C.alignment with industry standards.
• D.the inclusion of a service termination clause.

Comment: *

Name: *

Email: *

Verification: *

Which of the following provides nonrepudiation services for e-commerce transactions?

• A.Public key infrastructure (PKI)
• B.Data Encryption Standard (DES)
• C.Message authentication code (MAC)
• D.Personal identification number (PIN)

Comment: *

Name: *

Email: *

Verification: *