In effort to save your company money which of the following methods of training results in the lowest cost for the organization?
Which of the following are the triple constraints of project management?
You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll. Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff? (choose the best answer):
What oversight should the information security team have in the change management process for application security?
Which of the following best summarizes the primary goal of a security program?
The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?
An application vulnerability assessment has identified a security flaw in an application. This is a flaw that was previously identified and remediated on a prior release of the application. Which of the following is MOST likely the reason for this recurring issue?
How often should the Statements of Standards for Attestation Engagements-16 (SSAE16)/International Standard on Assurance Engagements 3402 (ISAE3402) report of your vendors be reviewed?
Which of the following is the BEST indicator of a successful project?
The company decides to release the application without remediating the high-risk vulnerabilities. Which of the following is the MOST likely reason for the company to release the application?
You manage a newly created Security Operations Center (SOC), your team is being inundated with security alerts and don’t know what to do. What is the BEST approach to handle this situation?
The ultimate goal of an IT security projects is:
Which of the following represents the HIGHEST negative impact resulting from an ineffective security governance program?
What role should the CISO play in properly scoping a PCI environment?
The FIRST step in establishing a security governance program is to?
Which of the following is considered the MOST effective tool against social engineering?
When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?
Risk is defined as:
Why is it vitally important that senior management endorse a security policy?
Risk appetite directly affects what part of a vulnerability management program?
You have recently drafted a revised information security policy. From whom should you seek endorsement in order to have the GREATEST chance for adoption and implementation throughout the entire organization?
Which of the following international standards can be BEST used to define a Risk Management process in an organization?
Which of the following is MOST important when dealing with an Information Security Steering committee:
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?
Which of the following is the MOST effective method for discovering common technical vulnerabilities within the
IT environment?
Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
Recently, members of your organization have been targeted through a number of sophisticated phishing attempts and have compromised their system credentials. What action can you take to prevent the misuse of compromised credentials to change bank account information from outside your organization while still allowing employees to manage their bank information?
Scenario: The new CISO was informed of all the Information Security projects that the section has in progress. Two projects are over a year behind schedule and way over budget.
Which of the following will be most helpful for getting an Information Security project that is behind schedule back on schedule?
SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
The CISO has validated audit findings, determined if compensating controls exist, and started initial remediation planning. Which of the following is the MOST logical next step?
Annual Loss Expectancy is derived from the function of which two factors?
Human resource planning for security professionals in your organization is a:
Which type of physical security control scan a person’s external features through a digital video camera before
granting access to a restricted area?
What are the three stages of an identity and access management system?
Your company has limited resources to spend on security initiatives. The Chief Financial Officer asks you to prioritize the protection of information resources based on their value to the company. It is essential that you be able to communicate in language that your fellow executives will understand. You should:
An organization has a number of Local Area Networks (LANs) linked to form a single Wide Area Network
(WAN). Which of the following would BEST ensure network continuity?
Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.
Symmetric encryption in general is preferable to asymmetric encryption when:
Which of the following defines the boundaries and scope of a risk assessment?
Which of the following is a term related to risk management that represents the estimated frequency at which a threat is expected to transpire?
Which of the following is considered to be an IT governance framework and a supporting toolset that allows for managers to bridge the gap between control requirements, technical issues, and business risks?
Creating a secondary authentication process for network access would be an example of?
The MOST common method to get an unbiased measurement of the effectiveness of an Information Security Management System (ISMS) is to
When working in the Payment Card Industry (PCI), how often should security logs be review to comply with the standards?
The patching and monitoring of systems on a consistent schedule is required by?
You are the Chief Information Security Officer of a large, multinational bank and you suspect there is a flaw in a two factor authentication token management process. Which of the following represents your BEST course of action?
With respect to the audit management process, management response serves what function?
Which of the following is the MOST important goal of risk management?
Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?
A recent audit has identified a few control exceptions and is recommending the implementation of technology and processes to address the finding. Which of the following is the MOST likely reason for the organization to reject the implementation of the recommended technology and processes?
When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
Which of the following is a symmetric encryption algorithm?
The process of identifying and classifying assets is typically included in the
In terms of supporting a forensic investigation, it is now imperative that managers, first-responders, etc., accomplish the following actions to the computer under investigation:
Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network. Which is the single most important factor to introducing digital evidence into a court of law?
Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?
Which of the following is MOST important when tuning an Intrusion Detection System (IDS)?
A customer of a bank has placed a dispute on a payment for a credit card account. The banking system uses digital signatures to safeguard the integrity of their transactions. The bank claims that the system shows proof that the customer in fact made the payment. What is this system capability commonly known as?
Which of the following strategies provides the BEST response to a ransomware attack?
Which of the following statements about Encapsulating Security Payload (ESP) is true?
SQL injection is a very popular and successful injection attack method. Identify the basic SQL injection text:
Physical security measures typically include which of the following components?
Your penetration testing team installs an in-line hardware key logger onto one of your network machines. Which of the following is of major concern to the security organization?