The MAIN consideration when designing an incident escalation plan should be ensuring that:

• A.information assets are classified.
• B.appropriate stakeholders are involved.
• C.high-impact risks have been identified.
• D.requirements cover forensic analysis.

Comment: *

Name: *

Email: *

Verification: *

The management of an organization has decided to establish a security awareness program. Which of the following would MOST likely be a part of the program?

• A.Utilization of an intrusion detection system to report incidents
• B.Mandating the use of passwords to access all software
• C.Installing an efficient user log system to track the actions of each user
• D.Training provided on a regular basis to all current and new employees

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST secure and economical method for connecting a private network over the Internet in a small- to medium-sized organization?

• A.Virtual private network
• B.Dedicated line
• C.Leased line
• D.integrated services digital network

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST ensures the integrity of a server's operating system?

• A.Protecting the server in a secure location
• B.Setting a boot password
• C.Hardening the server configuration
• D.Implementing activity logging

Comment: *

Name: *

Email: *

Verification: *

What can be very helpful to an IS auditor when determining the efficacy of a systems maintenance program? Choose the BEST answer.

• A.Network-monitoring software
• B.A system downtime log
• C.Administration activity reports
• D.Help-desk utilization trend reports

Comment: *

Name: *

Email: *

Verification: *