Which of the following should be the PRIMARY goal of developing information security metrics?

• A.Ensuring regulatory compliance
• B.Raising security awareness
• C.Identifying security threats
• D.Enabling continuous improvement

Comment: *

Name: *

Email: *

Verification: *

You are the project manager in your enterprise. You have identified risk that is noticeable failure threatening the success of certain goals of your enterprise. In which of the following levels do this identified risk exists?

• A.Moderate risk
• B.High risk
• C.Extremely high risk
• D.Low risk

Comment: *

Name: *

Email: *

Verification: *

You are the IT manager in Bluewell Inc. You identify a new regulation for safeguarding the information processed by a specific type of transaction. What would be the FIRST action you will take?

• A.Assess whether existing controls meet the regulation
• B.Update the existing security privacy policy
• C.Meet with stakeholders to decide how to comply
• D.Analyze the key risk in the compliance process

Comment: *

Name: *

Email: *

Verification: *

A maturity model is MOST useful to an organization when it:

• A.provides risk metrics.
• B.provides a reference for progress
• C.benchmarks against other organizations
• D.defines a qualitative measure of risk

Comment: *

Name: *

Email: *

Verification: *

You are the project manager of GRT project. You discovered that by bringing on more qualified resources or by providing even better quality than originally planned, could result in reducing the amount of time required to complete the project. If your organization seizes this opportunity it would be an example of what risk response?

• A.Enhance
• B.Exploit
• C.Accept
• D.Share

Comment: *

Name: *

Email: *

Verification: *