Which regulation or policy governs protection of personally identifiable user data gathered during a cyber investigation?
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?
A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program. Which of the following qualifications and experience would be MOST desirable to find in a candidate?
Which of the following is the MOST important reason to measure the effectiveness of an Information Security Management System (ISMS)?
A system was hardened at the Operating System level and placed into the production environment. Months later an audit was performed and it identified insecure configuration different from the original hardened state.
Which of the following security issues is the MOST likely reason leading to the audit findings?
