712-50 Online Practice Questions and Answers

Question 4

The process for identifying, collecting, and producing digital information in support of legal proceedings is called _____________________________.

A. chain of custody

B. electronic review

C. evidence tampering

D. electronic discovery

Browse 468 Q&As
Question 5

What is the MAIN reason for conflicts between Information Technology and Information Security programs?

A. The effective implementation of security controls can be viewed as an inhibitor to rapid Information Technology implementations.

B. Technology Governance is focused on process risks whereas Security Governance is focused on business risk.

C. Technology governance defines technology policies and standards while security governance does not.

D. Security governance defines technology best practices and Information Technology governance does not.

Question 6

Which of the following is a fundamental component of an audit record?

A. Originating IP-Address

B. Date and time of the event

C. Failure of the event

D. Authentication type

Question 7

A Chief Information Security Officer received a list of high, medium, and low impact audit findings. Which of the following represents the BEST course of action?

A. If the findings do not impact regulatory compliance, remediate only the high and medium risk findings.

B. If the findings do not impact regulatory compliance, review current security controls.

C. If the findings impact regulatory compliance, try to apply remediation that will address the most findings for the least cost.

D. If the findings impact regulatory compliance, remediate the high findings as quickly as possible.

Question 8

Which of the following are not stakeholders of IT security projects?

A. Board of directors

B. Help Desk

C. Third party vendors

D. CISO

Question 9

Your incident response plan should include which of the following?

A. Procedures for classification

B. Procedures for charge-back

C. Procedures for reclamation

D. Procedures for litigation

Question 10

Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country.

Your team now has full access to the data on the foreign server. Your defenses did not hold up to the test as originally thought. As you investigate how the data was compromised through log analysis you discover that a hardworking, but misguided business intelligence analyst posted the data to an obfuscated URL on a popular cloud storage service so they could work on it from home during their off-time.

Which technology or solution could you deploy to prevent employees from removing corporate data from your network?

A. Rigorous syslog reviews

B. Intrusion Detection Systems (IDS)

C. Security Guards posted outside the Data Center

D. Data Loss Prevention (DLP)

Question 11

Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years. This global retail company is expected to accept credit card payments.

Which of the following is of MOST concern when defining a security program for this organization?

A. Adherence to local data breach notification laws

B. Compliance with Payment Card Industry (PCI) data security standards

C. Compliance with local government privacy laws

D. International encryption restrictions

Question 12

A CISO has implemented a risk management capability within the security portfolio. Which of the following terms best describes this functionality?

A. Service

B. Program

C. Portfolio

D. Cost center

Question 13

XYZ is a publicly-traded software development company.

Who is ultimately accountable to the shareholders in the event of a cybersecurity breach?

A. Chief Financial Officer (CFO)

B. Chief Software Architect (CIO)

C. CISO

D. Chief Executive Officer (CEO)

Exam Code: 712-50
Exam Name: EC-Council Certified CISO (CCISO)
Last Update: Apr 30, 2024
Questions: 468 Q&As