When developing a risk management program, what is the FIRST activity to be performed?

• A.Threat assessment
• B.Classification of data
• C.Inventory of assets
• D.Criticality analysis

Comment: *

Name: *

Email: *

Verification: *

Which of the following key performance indicators (KPIs) provides the BEST indication of a security awareness campaign's effectiveness?

• A.Percentage of attendees passing the awareness quiz
• B.Increase in the number of reported security incidents
• C.Reduced average rime for incident resolution
• D.Decrease m the number of help desk calls

Comment: *

Name: *

Email: *

Verification: *

Malicious program code was found in an application and corrected prior to release into production. After the release, the same issue was reported. Which of the following is the IS auditor's BEST recommendation?

• A.Ensure change management reports are independently reviewed.
• B.Ensure corrected program code is compiled in a dedicated server.
• C.Ensure the business signs off on end-to-end user acceptance test (UAT) results.
• D.Ensure programmers cannot access code after the completion of program edits.

Comment: *

Name: *

Email: *

Verification: *

A firm is considering using biometric fingerprint identification on all PCs that access critical datA. This requires:

• A.that a registration process is executed for all accredited PC users.
• B.the full elimination of the risk of a false acceptance.
• C.the usage of the fingerprint reader be accessed by a separate password.
• D.assurance that it will be impossible to gain unauthorized access to critical data.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a MAJOR benefit of using a wireless network?

• A.Faster network speed
• B.Stronger authentication
• C.Protection against eavesdropping
• D.Lower installation cost

Comment: *

Name: *

Email: *

Verification: *