Which of the following is the MOST effective way for an organization to project against data loss?

• A.Limit employee internet access.
• B.Implement data classification procedures.
• C.Review firewall logs for anomalies.
• D.Conduct periodic security awareness training.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST control to prevent the transfer of files to external parties through instant messaging (IM) applications?

• A.File level encryption
• B.Instant messaging policy
• C.Application level firewalls
• D.File transfer protocol (FTP)

Comment: *

Name: *

Email: *

Verification: *

What is the PRIMARY purpose of documenting audit objectives when preparing for an engagement?

• A.To help ensure maximum use of audit resources during the engagement
• B.To identify areas with relatively high probability of material problems
• C.To help prioritize and schedule auditee meetings
• D.To address the overall risk associated with the activity under review

Comment: *

Name: *

Email: *

Verification: *

Which of the following would BEST enable an organization to address the security risks associated with a recently implemented bring your own device (BYOD) strategy?

• A.Mobile device upgrade program
• B.Mobile device testing program
• C.Mobile device tracking program
• D.Mobile device awareness program

Comment: *

Name: *

Email: *

Verification: *

What should an IS auditor evaluate FIRST when reviewing an organization's response to new privacy legislation?

• A.Implementation plan for restricting the collection of personal information
• B.Privacy legislation in other countries that may contain similar requirements
• C.Operational plan for achieving compliance with the legislation
• D.Analysis of systems that contain privacy components

Comment: *

Name: *

Email: *

Verification: *