For workstations used to facilitate a forensic investigation it is MOST important to ensure

• A.The workstations are backup up and hardened on a regular basis
• B.the workstations are only accessed by members of the forensics team
• C.only forensics-related software is installed on the workstations
• D.a documented chain of custody log is kept for the workstations.

Comment: *

Name: *

Email: *

Verification: *

An information security manager has identified the organization is not in compliance with new legislation that will soon be in effect. Which of the following is MOST important to consider when determining additional controls to be implemented?

• A.The information security strategy
• B.The information security policy
• C.The organization's risk appetite
• D.The organization's cost of noncompliance

Comment: *

Name: *

Email: *

Verification: *

The decision as to whether a risk has been reduced to an acceptable level should be determined by:

• A.organizational requirements.
• B.information systems requirements.
• C.information security requirements.
• D.international standards.

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY objective of periodically testing an incident response plan should be to:

• A.improve employee awareness of the incident response process,
• B.harden the technical infrastructure.
• C.improve internal processes and procedures,
• D.highlight the importance of incident response and recovery.

Comment: *

Name: *

Email: *

Verification: *

Which of the following factors is a PRIMARY driver for information security governance that does not require any further justification?

• A.Alignment with industry best practices
• B.Business continuity investment
• C.Business benefits
• D.Regulatory compliance

Comment: *

Name: *

Email: *

Verification: *