The amount of risk an organization is willing to accept in pursuit of its mission is known as

• A.Risk mitigation
• B.Risk acceptance
• C.Risk transfer
• D.Risk tolerance

Comment: *

Name: *

Email: *

Verification: *

An application vulnerability assessment has identified a security flaw in an application. This is a flaw that was previously identified and remediated on a prior release of the application. Which of the following is MOST likely the reason for this recurring issue?

• A.High turnover in the application development department
• B.Ineffective configuration management controls
• C.Lack of change management controls
• D.Lack of version/source controls

Comment: *

Name: *

Email: *

Verification: *

Which of the following represents the best method of ensuring business unit alignment with security program requirements?

• A.Demonstrate executive support with written mandates for security policy adherence
• B.Provide clear communication of security requirements throughout the organization
• C.Perform increased audits of security processes and procedures
• D.Create collaborative risk management approaches within the organization

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY objective of security awareness is to:

• A.Put employees on notice in case follow-up action for noncompliance is necessary
• B.Ensure that security policies are read.
• C.Encourage security-conscious behavior

Comment: *

Name: *

Email: *

Verification: *

The BEST organization to provide a comprehensive, independent and certifiable perspective on established security controls in an environment is

• A.Internal Audit
• B.Forensic experts
• C.Penetration testers
• D.External Audit

Comment: *

Name: *

Email: *

Verification: *