Which of the following is the BEST reason to initiate a reassessment of current risk?

• A.Certification requirements
• B.Changes to security personnel
• C.A recent security incident
• D.Follow-jp to an audit report

Comment: *

Name: *

Email: *

Verification: *

The chief information security officer (CISO) has developed an information security strategy, but is struggling to obtain senior management commitment for funds to implement the strategy.
Which of the following is the MOST likely reason?

• A.The strategy does not include a cost-benefit analysis.
• B.The CISO reports to the CIO.
• C.There was a lack of engagement with the business during development.
• D.The strategy does not comply with security standards.

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY reason for defining the information security roles and responsibilities of staff throughout an organization is to:

• A.reinforce the need for training
• B.increase corporate accountability
• C.comply with security policy
• D.enforce individual accountability

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST contributes to the development of a security governance framework that supports the maturity model concept?

• A.Continuous analysis, monitoring and feedback
• B.Continuous monitoring of the return on security investment (ROSD
• C.Continuous risk reduction
• D.Key risk indicator (KRD setup to security management processes

Comment: *

Name: *

Email: *

Verification: *

An intrusion detection system (IDS) should:

• A.run continuously
• B.ignore anomalies
• C.require a stable, rarely changed environment
• D.be located on the network

Comment: *

Name: *

Email: *

Verification: *