Who should be PRIMARILY responsible for defining a security asset classification scheme?

• A.Business unit manager
• B.Legal counsel
• C.Network security manager
• D.Information security manager

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST relevant source of information for determining the available internal human resources for executing the information security program?

• A.Job descriptions
• B.Roles and responsibilities matrix
• C.Skills inventory
• D.RACl chart

Comment: *

Name: *

Email: *

Verification: *

When information security management is receiving an increased number of false positive incident reports, which of the following is MOST important to review?

• A.The security awareness programs
• B.Post-incident analysis results
• C.The risk management processes
• D.firewall logs

Comment: *

Name: *

Email: *

Verification: *

When a newly installed system for synchronizing passwords across multiple systems and platforms abnormally terminates without warning, which of the following should automatically occur FIRST?

• A.The firewall should block all inbound traffic during the outage
• B.All systems should block new logins until the problem is corrected
• C.Access control should fall back to no synchronized mode
• D.System logs should record all user activity for later analysis

Comment: *

Name: *

Email: *

Verification: *

The effectiveness of an incident response team will be GREATEST when:

• A.incidents are identified using a security information and event monitoring (SIEM) system.
• B.the incident response process is updated based on lessons learned,
• C.the incident response team members are trained security personnel,
• D.the incident response team meets on a regular basis to review log files

Comment: *

Name: *

Email: *

Verification: *