A small organization is experiencing rapid growth and plans to create a new information security policy.
Which of the following is MOST relevant to creating the policy?

• A.Industry standards
• B.The business impact analysis (BIA)
• C.The business objectives
• D.Previous audit recommendations

Comment: *

Name: *

Email: *

Verification: *

When reviewing a contract for a disaster recovery hot site, which of the following would be the MOST significant omission?

• A.Audit rights
• B.Testing procedures
• C.Exposure coverage
• D.Equipment provided

Comment: *

Name: *

Email: *

Verification: *

What method might an IS auditor utilize to test wireless security at branch office locations?

• A.War dialing
• B.Social engineering
• C.War driving
• D.Password cracking

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY role of an IS auditor in the remediation of problems found during an audit engagement is to:

• A.help auditee management by providing the solution.
• B.take ownership of the problems and oversee remediation efforts.
• C.present updated policies to management for approval.
• D.explain the findings and provide general advice.

Comment: *

Name: *

Email: *

Verification: *

Which of the following would BEST support a business case to implement a data leakage prevention (DLP) solution?

• A.An unusual upward trend in outbound email volume
• B.Lack of visibility into previous data leakage incidents
• C.Industry benchmark of DLP investments
• D.A risk assessment on the threat of data leakage

Comment: *

Name: *

Email: *

Verification: *