An IS auditor notes the transaction processing times in an order processing system have significantly increased after a major release. Which of the following should the IS auditor review FIRST?

• A.Stress testing results
• B.Database conversion results
• C.Training plans
• D.Capacity management plan

Comment: *

Name: *

Email: *

Verification: *

A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor s BEST recommendation to facilitate compliance with the regulation?

• A.Include the requirement in the incident management response plan.
• B.Enhance the alert functionality of the intrusion detection system (IDS).
• C.Establish key performance indicators (KPIs) for timely identification of security incidents.
• D.Engage an external security incident response expert for incident handling.

Comment: *

Name: *

Email: *

Verification: *

An organization is planning to implement a work-from-home policy that allows users to work remotely as needed. Which of the following is the BEST solution for ensuring secure remote access to corporate resources?

• A.Virtual private network (VPN)
• B.Multi-factor authentication
• C.Additional firewall rules
• D.Virtual desktop

Comment: *

Name: *

Email: *

Verification: *

Which of the following provides the MOST useful information regarding an organization's risk appetite and tolerance?

• A.Risk profile
• B.Risk register
• C.Audit reports
• D.Gap analysis

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the FIRST step m managing the impact of a recently discovered zero-day attack?

• A.Assessing the Impact of vulnerabilities
• B.Identifying vulnerable assets
• C.Evaluating the likelihood of attack
• D.Estimating potential damage

Comment: *

Name: *

Email: *

Verification: *