Which of the following is the BEST way for an information security manager to promote the integration of information security considerations into key business processes?

• A.Facilitate the creation of an information security steering group
• B.Conduct information security briefings for executives
• C.Conduct a business impact analysis (BIA).
• D.Provide information security awareness training.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the PRIMARY input when defining the desired state of security within an organization?

• A.Acceptable risk level
• B.Level of business impact
• C.External audit results
• D.Annual loss expectancy

Comment: *

Name: *

Email: *

Verification: *

The MOST important reason to use a centralized mechanism to identify information security incidents is to:

• A.detect threats across environments
• B.prevent unauthorized changes to networks
• C.comply with corporate policies
• D.detect potential fraud

Comment: *

Name: *

Email: *

Verification: *

The MOST important reason to use a centralized mechanism to identify information security incidents is to:

• A.detect potential fraud.
• B.comply with corporate policies.
• C.threats across environments.
• D.prevent unauthorized changes to networks.

Comment: *

Name: *

Email: *

Verification: *

The data access requirements for an application should be determined by the:

• A.legal department.
• B.compliance officer.
• C.information security manager.
• D.business owner.

Comment: *

Name: *

Email: *

Verification: *