Acme Inc. has engaged a third party vendor to provide 99.999% up-time for their online web presence and had them contractually agree to this service level agreement.
What type of risk tolerance is Acme exhibiting?

• A.medium-high risk-tolerance
• B.high risk-tolerance
• C.moderate risk-tolerance
• D.low risk-tolerance

Comment: *

Name: *

Email: *

Verification: *

A stakeholder is a person or group:

• A.Vested in the success and/or failure of a project or initiative regardless of budget implications.
• B.That has budget authority.
• C.Vested in the success and/or failure of a project or initiative and is tied to the project budget.
• D.That will ultimately use the system.

Comment: *

Name: *

Email: *

Verification: *

Scenario: Critical servers show signs of erratic behavior within your organization's intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.
In what phase of the response will the team extract information from the affected systems without altering original data?

• A.Follow-up
• B.Recovery
• C.Response
• D.Investigation

Comment: *

Name: *

Email: *

Verification: *

Access Control lists (ACLs), Firewalls, and Intrusion Prevention Systems are examples of

• A.Software segmentation controls
• B.Network based security preventative controls
• C.User segmentation controls
• D.Network based security detective controls

Comment: *

Name: *

Email: *

Verification: *

Which of the following reports should you as an IT auditor use to check on compliance with a service level agreement's requirement for uptime?

• A.Systems logs
• B.Utilization reports
• C.Hardware error reports
• D.Availability reports

Comment: *

Name: *

Email: *

Verification: *