When outsourcing data to a cloud service provider, which of the following should be the information security manager's MOST important consideration?

• A.Data stored at the cloud service provider is not co-mingled.
• B.Roles and responsibilities have been defined for the subscriber organization.
• C.Cloud servers are located in the same country as the organization.
• D.Access authorization includes biometric security verification.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important to keep in mind when assessing the value of information?

• A.The potential financial loss
• B.The cost of recreating the information
• C.The cost of insurance coverage
• D.Regulatory requirement

Comment: *

Name: *

Email: *

Verification: *

The MAIN reason for deploying a public key infrastructure (PKI) when implementing an information security program is to:

• A.ensure the confidentiality of sensitive material.
• B.provide a high assurance of identity.
• C.allow deployment of the active directory.
• D.implement secure sockets layer (SSL) encryption.

Comment: *

Name: *

Email: *

Verification: *

Prior to having a third party perform an attack and penetration test against an organization, the MOST important action is to ensure that:

• A.the third party provides a demonstration on a test system.
• B.goals and objectives are clearly defined.
• C.the technical staff has been briefed on what to expect.
• D.special backups of production servers are taken.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the MOST important consideration when reporting sensitive risk-related information to stakeholders?

• A.Consulting with the public relations director
• B.Customizing the communication to the audience
• C.Ensuring nonrepudiation of communication
• D.Transmitting the internal communication securely

Comment: *

Name: *

Email: *

Verification: *