When an intrusion into an organization network is deleted, which of the following should be done FIRST?

• A.Identity nodes that have been compromised.
• B.Contact law enforcement.
• C.Notify senior management.
• D.Block all compromised network nodes.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor is evaluating the access controls for a shared customer relationship management (CRM) system. Which of the following would be the GREATEST concern?

• A.Complex passwords are not required
• B.Single sign-on is not enabled
• C.Security baseline is not consistently applied
• D.Audit logging is not enabled

Comment: *

Name: *

Email: *

Verification: *

The operations team of an organization has reported an IS security attack. Which of the following should be the FIRST step for the security incident response team?

• A.Perform a damage assessment.
• B.Prioritize resources for corrective action.
• C.Document lessons learned.
• D.Report results to management.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST appropriate to prevent unauthorized retrieval of confidential information stored in a business application system?

• A.Apply single sign-on for access control
• B.Implement segregation of duties.
• C.Enforce an internal data access policy.
• D.Enforce the use of digital signatures.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor concludes that an organization has a quality security policy. Which of the following is MOST important to determine next? The policy must be:

• A.updated frequently.
• B.well understand by all employees.
• C.developed by process owners.
• D.based on industry standards.

Comment: *

Name: *

Email: *

Verification: *