Ensuring that the actions of all employees, applications, and systems follow the organization’s rules and regulations can BEST be described as which of the following?
XYZ is a publicly-traded software development company.
Who is ultimately accountable to the shareholders in the event of a cybersecurity breach?
Which of the following is MOST important when tuning an Intrusion Detection System (IDS)?
What type of attack requires the least amount of technical equipment and has the highest success rate?
The ability to hold intruders accountable in a court of law is important. Which of the following activities are needed to ensure the highest possibility for successful prosecution?
Your incident handling manager detects a virus attack in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the incident handling process will utilize the signature to resolve this incident?
The process for identifying, collecting, and producing digital information in support of legal proceedings is called
Network forensics is a prerequisite for any successful legal action after an attack on your enterprise network. Which is the single most important factor in introducing digital evidence into a court of law?
An access point (AP) is discovered using Wired Equivalent Privacy (WEP). The ciphertext sent by the AP is encrypted with the same key and cipher used by its stations. What authentication method is being used?
Which of the following is the MOST important reason for performing assessments of the security portfolio?
Using the Transport Layer Security (TLS) protocol enables a client in a network to be:
What are the primary reasons for the development of a business case for a security project?
Which level of data destruction applies logical techniques to sanitize data in all user-addressable storage locations?
The Board of Directors of a publicly-traded company is concerned about the security implications of a strategic project that will migrate 50% of the organization’s information technology assets to the cloud. They have requested a briefing on the project plan and a progress report of the security stream of the project. As the CISO, you have been tasked with preparing the report for the Chief Executive Officer to present.
Using the Earned Value Management (EVM), what does a Cost Variance (CV) of -1,200 mean?
Of the following types of SOCs (Security Operations Centers), which one would MOST likely be used if the CISO has decided to outsource the infrastructure and administration of it?
The primary responsibility for assigning entitlements to a network share lies with which role?
As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audit activity.
The performance quality audit activity is done in what project management process group?
An audit was conducted and many critical applications were found to have no disaster recovery plans in place. You conduct a Business Impact Analysis (BIA) to determine impact to the company for each application. What should be the NEXT step?
Which of the following is the MOST effective way to measure the effectiveness of security controls on a perimeter network?
Which of the following represents the BEST reason for an organization to use the Control Objectives for Information and Related Technology (COBIT) as an Information Technology (IT) framework?
When a critical vulnerability has been discovered on production systems and needs to be fixed immediately, what is the BEST approach for a CISO to mitigate the vulnerability under tight budget constraints?
Which of the following BEST describes an international standard framework that is based on the security model Information Technology—Code of Practice for Information Security Management?
You are the Chief Information Security Officer of a large, multinational bank and you suspect there is a flaw in a two factor authentication token management process. Which of the following represents your BEST course of action?
A missing/ineffective security control is identified. Which of the following should be the NEXT step?
Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?
IT control objectives are useful to IT auditors as they provide the basis for understanding the:
A global retail company is creating a new compliance management process. Which of the following regulations is of MOST importance to be tracked and managed by this process?
Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization’s products and services?
Which of the following is the MOST important for a CISO to understand when identifying threats?
Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?
Credit card information, medical data, and government records are all examples of:
What is the MAIN reason for conflicts between Information Technology and Information Security programs?
According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?
You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the
A Security Operations Centre (SOC) manager is informed that a database containing highly sensitive corporate strategy information is under attack. Information has been stolen and the database server was disconnected. Who must be informed of this incident?
What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?
In accordance with best practices and international standards, how often is security awareness training provided to employees of an organization?
A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization’s need?
When project costs continually increase throughout implementation due to large or rapid changes in customer or user requirements, this is commonly known as:
As the Chief Information Security Officer, you are performing an assessment of security posture to understand what your Defense-in-Depth capabilities are. Which network security technology examines network traffic flows to detect and actively stop vulnerability exploits and attacks?
Which of the following provides an independent assessment of a vendor’s internal security controls and overall posture?
The newly appointed CISO of an organization is reviewing the IT security strategic plan. Which of the following is the MOST important component of the strategic plan?
Which of the following conditions would be the MOST probable reason for a security project to be rejected by the executive board of an organization?
Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.
Which of the following frameworks and standards will BEST fit the organization as a baseline for their security program?
You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll. Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff? (choose the best answer):
Which of the following is MOST beneficial in determining an appropriate balance between uncontrolled innovation and excessive caution in an organization?
What oversight should the information security team have in the change management process for application security?
When operating under severe budget constraints a CISO will have to be creative to maintain a strong security organization. Which example below is the MOST creative way to maintain a strong security posture during these difficult times?
This occurs when the quantity or quality of project deliverables is expanded beyond the original project plan. Which of the following terms describes it?
An application vulnerability assessment has identified a security flaw in an application. This is a flaw that was previously identified and remediated on a prior release of the application. Which of the following is MOST likely the reason for this recurring issue?
Which of the following functions evaluates patches used to close software vulnerabilities of new systems to assure compliance with policy when implementing an information security program?