Which of the following recovery strategies has the GREATEST chance of failure?

• A.Hot site
• B.Redundant site
• C.Reciprocal arrangement
• D.Cold site

Comment: *

Name: *

Email: *

Verification: *

After logging in to a web application, further password credentials are required at various application points.
Which of the following is the PRIMARY reason for such an approach?

• A.To ensure access is granted to the authorized person
• B.To enforce strong two-factor authentication
• C.To ensure session management variables are secure
• D.To implement single sign-on

Comment: *

Name: *

Email: *

Verification: *

Which of the following steps should be performed FIRST in the risk assessment process?

• A.Staff interviews
• B.Threat identification
• C.Asset identification and valuation
• D.Determination of the likelihood of identified risks

Comment: *

Name: *

Email: *

Verification: *

A business partner of a factory has remote read-only access to material inventory to forecast future acquisition orders. An information security manager should PRIMARILY ensure that there is:

• A.an effective control over connectivity and continuity.
• B.a service level agreement (SLA) including code escrow.
• C.a business impact analysis (BIA).
• D.a third-party certification.

Comment: *

Name: *

Email: *

Verification: *

The service level agreement (SLA) for an outsourced IT function does not reflect an adequate level of protection. In this situation an information security manager should:

• A.ensure the provider is made liable for losses.
• B.recommend not renewing the contract upon expiration.
• C.recommend the immediate termination of the contract.
• D.determine the current level of security.

Comment: *

Name: *

Email: *

Verification: *