Which of the following is the MOST important reason to measure the effectiveness of an Information Security Management System (ISMS)?

• A.Better understand the threats and vulnerabilities affecting the environment
• B.Better understand strengths and weakness of the program
• C.Meet regulatory compliance requirements
• D.Meet legal requirements

Comment: *

Name: *

Email: *

Verification: *

The organization does not have the time to remediate the vulnerability; however it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

• A.Provide developer security training
• B.Provide security testing tools
• C.Implement Compensating Controls
• D.Deploy Intrusion Detection Systems

Comment: *

Name: *

Email: *

Verification: *

The process of creating a system which divides documents based on their security level to manage access to private data is known as ____________________.

• A.Privacy protection
• B.security coding
• C.data classification
• D.data security system

Comment: *

Name: *

Email: *

Verification: *

Which of the following functions MUST your Information Security Governance program include for formal organizational reporting?

• A.Human Resources and Budget
• B.Budget and Compliance
• C.Legal and Human Resources
• D.Audit and Legal

Comment: *

Name: *

Email: *

Verification: *