The MOST important success factor in planning a penetration test is:

• A.the documentation of the planned testing procedure.
• B.scheduling and deciding on the timed length of the test.
• C.the involvement of the management of the client organization.
• D.the qualifications and experience of staff involved in the test.

Comment: *

Name: *

Email: *

Verification: *

The objective of using coding standards for systems development is to:

• A.ensure that business needs are met
• B.facilitate user testing
• C.facilitate program maintenance
• D.ensure the completeness of requirements.

Comment: *

Name: *

Email: *

Verification: *

An IT steering committee should review information systems PRIMARILY to assess:

• A.whether IT processes support business requirements.
• B.if proposed system functionality is adequate.
• C.the stability of existing software.
• D.the complexity of installed technology.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be performed FIRST when preparing to deploy a major upgrade to a critical online application?

• A.Update the disaster recovery process.
• B.Update the business impact analysis (BIA).
• C.Test the rollback process.
• D.Review data backup procedures.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the GREATEST risk of an inadequate policy definition for ownership of data and systems?

• A.User management coordination does not exist.
• B.Specific user accountability cannot be established.
• C.Unauthorized users may have access to originate, modify or delete data.
• D.Audit recommendations may not be implemented.

Comment: *

Name: *

Email: *

Verification: *