
CISM Online Practice Questions and Answers

Question 4

Priority should be given to which of the following to ensure effective implementation of information security governance?

A. Consultation

B. Negotiation

C. Facilitation

D. Planning

Question 5

What is the MOST important consideration when establishing metrics for reporting to the information security strategy committee?

A. Agreeing on baseline values for the metrics

B. Developing a dashboard for communicating the metrics

C. Providing real-time insight on the security posture of the organization

D. Benchmarking the expected value of the metrics against industry standards

Question 6

When a newly installed system for synchronizing passwords across multiple systems and platforms abnormally terminates without warning, which of the following should automatically occur FIRST?

A. The firewall should block all inbound traffic during the outage

B. All systems should block new logins until the problem is corrected

C. Access control should fall back to non-synchronized mode

D. System logs should record all user activity for later analysis

Question 7

Senior management has endorsed a comprehensive information security policy. Which of the following should the organization do NEXT?

A. Promote awareness of the policy among employees.

B. Seek policy buy-in from business stakeholders.

C. Implement an authentication and authorization system.

D. Identify relevant information security frameworks for adoption.

Question 8

Calculation of the recovery time objective (RTO) is necessary to determine the:

A. time required to restore files

B. priority of restoration

C. point of synchronization

D. annual loss expectancy (ALE)

Question 9

An information security manager reviewing firewall rules will be MOST concerned if the firewall allows:

A. source routing.

B. broadcast propagation.

C. unregistered ports.

D. nonstandard protocols.

Question 10

Which of the following is the MOST important consideration for an organization interacting with the media during a disaster?

A. Communicating specially drafted messages by an authorized person

B. Refusing to comment until recovery

C. Referring the media to the authorities

D. Reporting the losses and recovery strategy to the media

Question 11

A large number of exceptions to an organization's information security standards have been granted after senior management approved a bring your own device (BYOD) program. To address this situation, it is MOST important for the information security manager to:

A. introduce strong authentication on devices.

B. reject new exception requests.

C. update the information security policy.

D. require authorization to wipe lost devices.

Question 12

Which of the following is the BEST way for an organization to determine the maturity level of its information security program?

A. Review the results of information security awareness testing.

B. Validate the effectiveness of implemented security controls.

C. Benchmark the information security policy against industry standards.

D. Track the trending of information security incidents.

Question 13

After an information security incident has been detected and its priority established, which of the following should be the NEXT course of action?

A. Gathering evidence

B. Eradicating the incident

C. Performing a risk assessment

D. Containing the incident

Exam Code: CISM
Exam Name: Certified Information Security Manager
Last Update: Apr 29, 2024
Questions: 2764 Q&As