Several significant risks have been identified after a centralized risk register was compiled and prioritized. The information security manager s MOST important action is to:

• A.ensure that employees are aware of the risk.
• B.design and implement controls to reduce the risk.
• C.consult external third parties on how to treat the risk.
• D.provide senior management with risk treatment options.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST effective method of preventing deliberate internal security breaches?

• A.Well-designed firewall system
• B.Screening prospective employees
• C.Well-designed intrusion detection system (IDS)
• D.Biometric security access control

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST way to obtain support for a new organization-wide information security program?

• A.Benchmark against similar industry organizations
• B.Deliver an information security awareness campaign.
• C.Publish an information security RACI chart.
• D.Establish an information security strategy committee.

Comment: *

Name: *

Email: *

Verification: *

Information security awareness programs are MOST effective when they are:

• A.customized for each target audience
• B.sponsored by senior management
• C.reinforced by computer-based training
• D.conducted at employee orientation.

Comment: *

Name: *

Email: *

Verification: *

Which of the following defines the triggers within a business continuity plan (BCP)?

• A.Disaster recovery plan
• B.Needs of the organization
• C.Gap analysis
• D.Information security policy

Comment: *

Name: *

Email: *

Verification: *