An information security manager wants to improve the ability to identify changes in risk levels affecting the organization's systems. Which of the following is the
BEST method to achieve this objective?
Answer : C
When developing an escalation process for an incident response plan, the information security manager should PRIMARILY consider the:
Answer : A
Which of the following should be an information security managers MOST important consideration when determining if an information asset has been classified appropriately?
Answer : A
The effectiveness of an incident response team will be GREATEST when:
Answer : A
An information security manager MUST have an understanding of the organization's business goals to:
Answer : D
An information security manager MUST have an understanding of an information security program?
Answer : D
An attacker was able to gain access to an organization's perimeter firewall and made changes to allow wider external access and to steal data. Which of the following would have BEST provided timely identification of this incident?
Answer : C
When establishing metrics for an information security program, the BEST approach is to identify indicators that:
Answer : D
For an organization that provides web-based services, which of the following security events would MOST likely initiate an incident response plan and be escalated to management?
Answer : A
An information security manager is implementing a bring your own device (BYOD) program. Which of the following would BEST ensure that users adhere to the security standards?
Answer : C
When monitoring the security of a web-based application, which of the following is MOST frequently reviewed?
Answer : B
Which of the following is the MOST effective way for an information security manager to ensure that security is incorporated into an organization's project development processes?
Answer : D
Which of the following provides the MOST relevant information to determine the overall effectiveness of an information security program and underlying business processes?
Answer : D
An organization finds unauthorized software has been installed on a number of workstations. The software was found to contain a Trojan, which had been uploading data to an unknown external party. Which of the following would have BEST prevented the installation of the unauthorized software?
Answer : D
When developing a tabletop test plan for incident response testing, the PRIMARY purpose of the scenario should be to:
Answer : B