Select an answer:
A. ensure that controls operate as required.
Select an answer:
A. The program's governance oversight mechanisms
Select an answer:
A. information security and business objectives.
B. security controls with information technology.
Select an answer:
A. One rule may override another rule in the chain and create a loophole
C. The firewall may not support the increasing number of rules due to limitations
D. The firewall may show abnormal behavior and may crash or automatically shut down
Select an answer:
A. Direct reports to the chief information officer
B. IT management and key business process owners
Select an answer:
A. Chief information officer (CIO)
Select an answer:
A. Data mining
B. Network mapping
D. Customer data
Select an answer:
A. incidents may have a high impact and frequency.
Select an answer:
A. considered at the discretion of the information owner.
Select an answer:
A. reduce adverse events.
B. indicate compromise.
C. mitigate impact.
D. ensure compliance.
Select an answer:
A. revise the information security program.
Select an answer:
A. Security metrics
B. Security baselines
C. Management support
D. Periodic training
Select an answer:
A. Internal auditor
C. Steering committee
D. IT management
Select an answer:
A. Security policies and procedures
Select an answer:
A. implement the strategy.
B. optimize resources.
C. deliver on metrics.
D. achieve assurance.
16-An information security manager reviewed the access
control lists and observed that privileged access was granted to
an entire department. Which of the following should the
information security manager do FIRST?
Select an answer:
A. Review the procedures for granting access
Select an answer:
A. a comprehensive risk assessment and analysis.
C. Metasploit
Select an answer:
A. prioritize the use of role-based access controls.
Select an answer:
A. Support of business objectives
B. Security metrics
C. Security deliverables
Select an answer:
A. Proficiency test
B. Job descriptions
C. Organization chart
D. Skills inventory
Select an answer:
A. reduction of the total cost of ownership (TCO).
B. improved compliance with organizational policies and standards.
D. easier administration.
Select an answer:
A. The number of false positives increases
Select an answer:
A. Controls design and deployment
Select an answer:
A. industry best practices.
B. organizational needs.
Select an answer:
A. improve the integration of business and information security processes.
Select an answer:
A. a comprehensive risk assessment and analysis.
Select an answer:
A. Packet filtering
B. Intrusion detection
C. Software upgrades
D. Definition files
29-Which of the following is the MOST critical success factor of
an information security program?
Select an answer:
A. Developing information security policies and procedures
Select an answer:
A. Security awareness training