Which of the following should be an information security manager's MOST important criterion for determining when to review the incident response plan?

• A.At intervals indicated by industry best practice
• B.When missing information impacts recovery from an incident
• C.When recovery time objectives (RTOs) are not met
• D.Before an internal audit of the incident response process

Comment: *

Name: *

Email: *

Verification: *

The service level agreement (SLA) for an outsourced IT function does not reflect an adequate level of protection. In this situation an information security manager should:

• A.ensure the provider is made liable for losses.
• B.recommend not renewing the contract upon expiration.
• C.recommend the immediate termination of the contract.
• D.determine the current level of security.

Comment: *

Name: *

Email: *

Verification: *

The BEST time to perform a penetration test is after:

• A.an attempted penetration has occurred.
• B.an audit has reported weaknesses in security controls.
• C.various infrastructure changes are made.
• D.a high turnover in systems staff.

Comment: *

Name: *

Email: *

Verification: *

Which of the following devices should be placed within a demilitarized zone (DMZ )?

• A.Network switch
• B.Web server
• C.Database server
• D.File/print server

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST course of action for an information security manager to align security and business goals?

• A.Conducting a business impact analysis (BIA)
• B.Reviewing the business strategy
• C.Defining key performance indicators (KPIs)
• D.Actively engaging with stakeholders

Comment: *

Name: *

Email: *

Verification: *