Which of the following is the MOST important security consideration when planning to use a cloud service provider in a different country?

• A.Ability to meet business resiliency requirements
• B.Ability to logically separate client data
• C.Ability to meet service level agreements (SLAs)
• D.Ability to enforce contractual obligations

Comment: *

Name: *

Email: *

Verification: *

An organization has implemented a new customer relationship management (CRM) system. Who should be responsible for enforcing authorized and controlled access to the CRM data?

• A.The information security manager
• B.The data owner
• C.Internal II audit
• D.The data custodian

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important to include in a contract with a critical service provider to help ensure alignment with the organization's information security program?

• A.Key performance indicators (KPIs)
• B.Escalation paths
• C.Termination language
• D.Right-to-audit clause

Comment: *

Name: *

Email: *

Verification: *

An organization wants to integrate information security into its human resource management processes. Which of the following should be the FIRST step?

• A.Assess the business objectives of the processes.
• B.Benchmark the processes with best practice to identify gaps.
• C.Evaluate the cost of information security integration.
• D.Identify information security risk associated with the processes.

Comment: *

Name: *

Email: *

Verification: *

Which of the following circumstances would MOST likely require a review and update to an organization's information security incident response plan?

• A.A new business application has been implemented.
• B.The organizational structure has changed.
• C.A high-risk vulnerability has been detected.
• D.A new business strategy has been developed.

Comment: *

Name: *

Email: *

Verification: *