Question 546
A third-party service provider has proposed a data loss prevention (DLP) solution. Which of the following MUST be in place for this solution to be relevant to the organization?
Question 547
A project team member notifies the information security manager of a potential security risk that has not been included in the risk register. Which of the following should the information security manager do FIRST?
Question 548
Which of the following is the MOST important consideration when implementing an intrusion detection system (IDS)?
Question 549
Which of the following individuals would be in the BEST position to sponsor the creation of an information security steering group?
Question 550
An organization's information security manager is performing a post-incident review of a security incident in which the following events occurred:
* A bad actor broke into a business-critical FTP server by brute forcing an administrative password
* The third-party service provider hosting the server sent an automated alert message to the help desk, but was ignored
* The bad actor could not access the administrator console, but was exposed to encrypted data transferred to the server
* After three (3) hours, the bad actor deleted the FTP directory, causing incoming FTP attempts by legitimate customers to fail Which of the following could have been prevented by conducting regular incident response testing?