In performing a risk assessment on the impact of losing a server, the value of the server should be calculated using the:

• A.original cost to acquire.
• B.cost of the software stored.
• C.annualized loss expectancy (ALE).
• D.cost to obtain a replacement.

Comment: *

Name: *

Email: *

Verification: *

What would be the PRIMARY reason for an organization to conduct a simulated phishing attack on its employees as part of a social engineering assessment?

• A.Measure the effectiveness of security awareness training.
• B.Identify the need for mitigating security controls.
• C.Measure the effectiveness of the anti-spam solution.
• D.Test the effectiveness of the incident response plan.

Comment: *

Name: *

Email: *

Verification: *

Web application firewalls are needed in addition to other intrusion prevention and detection technology PRIMARILY because:

• A.web services are prone to attacks.
• B.web services require unique forensic evidence
• C.they recognize web application protocols.
• D.they prevent modification of application source code

Comment: *

Name: *

Email: *

Verification: *

Which of the following would BEST support a business case to implement a data leakage prevention (DLP) solution?

• A.A risk assessment on the threat of data leakage
• B.An unusual upward trend in outbound email volume
• C.Lack of visibility into previous data leakage incidents
• D.Industry benchmark of DLP investments

Comment: *

Name: *

Email: *

Verification: *

At what stage of the applications development process would encryption key management initially be addressed?

• A.Requirements development
• B.Deployment
• C.Systems testing
• D.Code reviews

Comment: *

Name: *

Email: *

Verification: *