A new organization has been hit with a ransomware attack that is critically impacting its business operations. The organization does not yet have a proper incident response plan, but it does have a backup procedure for restoration of dat a. Which of the following should be the FIRST course of action?

• A.Recommend that management pay the ransom.
• B.Isolate the affected system.
• C.Establish an incident response plan.
• D.Contact the legal department.

Comment: *

Name: *

Email: *

Verification: *

Which of the following metrics is the BEST measure of the effectiveness of an information security program?

• A.Reduction In the number of vulnerabilities in an organization
• B.Reduction In the cost of risk remediation for an organization
• C.Reduction in the amount of risk exposure in an organization
• D.Reduction in the number of threats to an organization

Comment: *

Name: *

Email: *

Verification: *

When implementing a new risk assessment methodology, which of the following is the MOST important requirement?

• A.Risk assessments must be conducted by certified staff.
• B.The methodology must be approved by the chief executive officer.
• C.Risk assessments must be reviewed annually.
• D.The methodology used must be consistent across the organization.

Comment: *

Name: *

Email: *

Verification: *

In a well-controlled environment, which of the following activities is MOST likely to lead to the introduction of weaknesses in security software?

• A.Applying patches
• B.Changing access rules
• C.Upgrading hardware
• D.Backing up files

Comment: *

Name: *

Email: *

Verification: *

What is the BEST way to ensure data protection upon termination of employment?

• A.Retrieve identification badge and card keys
• B.Retrieve all personal computer equipment
• C.Erase all of the employee's folders
• D.Ensure all logical access is removed

Comment: *

Name: *

Email: *

Verification: *