Which of the following would be MOST useful to help senior management understand the status of information security compliance?

• A.Industry benchmarks
• B.Risk assessment results
• C.Business impact analysis (BIA) results
• D.Key performance indicators (KPIs)

Comment: *

Name: *

Email: *

Verification: *

A third-party audit of an organization's network security has identified several critical risks. Which of the following should the information security manager do NEXT?

• A.Report the findings to senior management.
• B.Prioritize the risks.
• C.Assign risk ownership.
• D.Identify mitigating controls.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST effective in protecting against the attack technique known as phishing?

• A.Firewall blocking rules
• B.Up-to-date signature files
• C.Security awareness training
• D.Intrusion detection monitoring

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important element of an information security strategy?

• A.Defined objectives
• B.Time frames for delivery
• C.Adoption of a control framework
• D.Complete policies

Comment: *

Name: *

Email: *

Verification: *

A data leakage prevention (DLP) solution has identified that several employees are sending confidential company data to their personal email addresses in violation of company policy. The information security manager should FIRST:

• A.limit access to the Internet for employees involved
• B.initiate an investigation to determine the full extent of noncompliance
• C.contact the employees involved to retake security awareness training
• D.notify senior management that employees are breaching policy

Comment: *

Name: *

Email: *

Verification: *