Which of the following is an information security manager's BEST course of action to gain approval for investment in a technical control?

• A.Calculate the exposure factor.
• B.Conduct a risk assessment.
• C.Conduct a business impact analysis (BIA).
• D.Perform a cost-benefit analysis.

Comment: *

Name: *

Email: *

Verification: *

What should be the FIRST step when an Internet of Things (loT) device in an organization's network is confirmed to have been hacked?

• A.Monitor the network.
• B.Perform forensic analysis.
• C.Disconnect the device from the network,
• D.Escalate to the incident response team

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be an information security manager s MOST important consideration when determining the priority for implementing security controls?

• A.Availability of security budget
• B.Possibility of reputational loss due to incidents
• C.Results of business impact analyses (BIAs)
• D.Alignment with industry benchmarks

Comment: *

Name: *

Email: *

Verification: *

Who can BEST approve plans to implement an information security governance framework?

• A.Internal auditor
• B.Information security management
• C.Steering committee
• D.Infrastructure management

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST useful to an information security manager when conducting a post-incident review of an attack?

• A.Location of the attacker
• B.Method of operation used by the attacker
• C.Cost of the attack to the organization
• D.Details from intrusion detection system (IDS) logs

Comment: *

Name: *

Email: *

Verification: *