Which of the following organizations is typically in charge of validating the implementation and effectiveness of security controls?

• A.Risk Management
• B.Internal/External Audit
• C.Security Operations
• D.Security Administrators

Comment: *

Name: *

Email: *

Verification: *

Which of the following functions MUST your Information Security Governance program include for formal organizational reporting?

• A.Audit and Legal
• B.Human Resources and Budget
• C.Legal and Human Resources
• D.Budget and Compliance

Comment: *

Name: *

Email: *

Verification: *

Which of the following functions implements and oversees the use of controls to reduce risk when creating an information security program?

• A.Network Security administration
• B.Risk Assessment
• C.Risk Management
• D.Incident Response

Comment: *

Name: *

Email: *

Verification: *

The establishment of a formal risk management framework and system authorization program is essential. The LAST step of the system authorization process is:

• A.Changing the default passwords
• B.Contacting the Internet Service Provider for an IP scope
• C.Conducting a final scan of the live system and mitigating all high and medium level vulnerabilities
• D.Getting authority to operate the system from executive management

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST indicator of a successful project?

• A.it is completed on time or early as compared to the baseline project plan
• B.it comes in at or below the expenditures planned for in the baseline budget
• C.it meets most of the specifications as outlined in the approved project definition
• D.the deliverables are accepted by the key stakeholders

Comment: *

Name: *

Email: *

Verification: *