Which of the following is the BEST way to increase the visibility of information security within an organization's culture?

• A.Requiring cross-functional information security training
• B.Implementing user awareness campaigns for the entire company
• C.Publishing an acceptable use policy
• D.Establishing security policies based on industry standards

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important for an information security manager to communicate to senior management regarding the security program?

• A.Security architecture changes
• B.Impact analysis results
• C.Potential risks and exposures
• D.User roles and responsibilities

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST way to ensure that Incidents are Identified and reported?

• A.Implement an ongoing incident response training program for employees.
• B.Implement an automated monitoring program to detect incidents.
• C.Develop and communicate a comprehensive incident response plan.
• D.Publish a punitive action policy for failure to report Incidents.

Comment: *

Name: *

Email: *

Verification: *

When an organization is implementing an information security governance program, its board of directors should be responsible for:

• A.drafting information security policies.
• B.reviewing training and awareness programs.
• C.setting the strategic direction of the program.
• D.auditing for compliance.

Comment: *

Name: *

Email: *

Verification: *

An experienced information security manager joins a new organization and begins by conducting an audit of all key IT processes. Which of the following findings about the vulnerability management program should be of GREATEST concern?

• A.Vulnerabilities are identified by internal staff rather than by external consultants.
• B.The number of vulnerabilities identified exceeds industry benchmarks.
• C.Identified vulnerabilities are not logged and resolved in a timely manner.
• D.Identified vulnerabilities are not published and communicated in awareness programs.

Comment: *

Name: *

Email: *

Verification: *