Information Security is often considered an excessive, after-the-fact cost when a project or initiative is completed. What can be done to ensure that security is addressed cost effectively?

• A.User awareness training for all employees
• B.Launch an internal awareness campaign
• C.Installation of new firewalls and intrusion detection systems
• D.Integrate security requirements into project inception

Comment: *

Name: *

Email: *

Verification: *

In MOST organizations which group periodically reviews network intrusion detection system logs for all systems as part of their daily tasks?

• A.Compliance
• B.Database Administration
• C.Information Security
• D.Internal Audit

Comment: *

Name: *

Email: *

Verification: *

A digital signature addresses which of the following concerns?

• A.Message alteration
• B.Message copying
• C.Unauthorized reading
• D.Message theft

Comment: *

Name: *

Email: *

Verification: *

The general ledger setup function in an enterprise resource package allows for setting accounting periods.
Access to this function has been permitted to users in finance, the shipping department, and production scheduling.
What is the most likely reason for such broad access?

• A.The need to change accounting periods on a regular basis.
• B.The requirement to post entries for closed accounting period.
• C.The lack of policies and procedures for the proper segregation of duties.
• D.The need to create and modify the chart of accounts and its allocations.

Comment: *

Name: *

Email: *

Verification: *

Creating good security metrics is essential for a CISO. What would be the BEST sources for creating security metrics for baseline defenses coverage?

• A.Firewall, exchange, web server, intrusion detection system (IDS)
• B.Firewall, anti-virus console, IDS, syslog
• C.Servers, routers, switches, modem
• D.IDS, syslog, router, switches

Comment: *

Name: *

Email: *

Verification: *