Which of the following is the BEST approach to identify noncompliance issues with legal, regulatory, and contractual requirements?

• A.Business impact analysis (BIA)
• B.Vulnerability assessment
• C.Risk assessment
• D.Gap analysis

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST approach to make strategic information security decisions?

• A.Establish regular information security status reporting.
• B.Establish an information security steering committee.
• C.Establish business unit security working groups.
• D.Establish periodic senior management meetings.

Comment: *

Name: *

Email: *

Verification: *

Which of the following would be MOST useful to help senior management understand the status of information security compliance?

• A.Industry benchmarks
• B.Key performance indicators (KPIs)
• C.Business impact analysis (BIA) results
• D.Risk assessment results

Comment: *

Name: *

Email: *

Verification: *

Information security awareness programs are MOST effective when they are:

• A.customized for each target audience.
• B.sponsored by senior management.
• C.reinforced by computer-based training.
• D.conducted at employee orientation

Comment: *

Name: *

Email: *

Verification: *

An employee used network logon credentials on a personal shopping site. The site was breached, resulting in an unauthorized person logging onto the network with the employee's credentials via remote access. What is the BEST recommendation to prevent recurrence of similar unauthorized logins?

• A.Block access to shopping sites from the network.
• B.Create policies against using logon credentials for personal use
• C.Recommend two-factor authentication for remote access.
• D.Implement security awareness training.

Comment: *

Name: *

Email: *

Verification: *