In the course of responding 10 an information security incident, the BEST way to treat evidence for possible legal action is defined by:

• A.international standards.
• B.local regulations.
• C.generally accepted best practices.
• D.organizational security policies.

Comment: *

Name: *

Email: *

Verification: *

An organization plans to acquire and implement a new web-based solution to enhance service functionality. Which of the following is the BEST way to ensure that information handled by the solution is secure?

• A.Conduct a security audit before implementing the solution in production.
• B.Integrate the organization's security requirements into the contract.
• C.Embed security requirements throughout the life cycle of the solution.
• D.Adopt secure coding practices during the solution's development.

Comment: *

Name: *

Email: *

Verification: *

Several business units reported problems with their systems after multiple security patches were deployed.
The FIRST step in handling this problem would be to:

• A.assess the problems and institute rollback procedures, if needed.
• B.disconnect the systems from the network until the problems are corrected.
• C.immediately uninstall the patches from these systems.
• D.immediately contact the vendor regarding the problems that occurred.

Comment: *

Name: *

Email: *

Verification: *

A root kit was used to capture detailed accounts receivable information. To ensure admissibility of evidence from a legal standpoint, once the incident was identified and the server isolated, the next step should be to:

• A.document how the attack occurred.
• B.notify law enforcement.
• C.take an image copy of the media.
• D.close the accounts receivable system.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the PRIMARY input when defining the desired state of security within an organization?

• A.Level of business impact
• B.Acceptable risk level
• C.Annual loss expectancy
• D.External audit results

Comment: *

Name: *

Email: *

Verification: *