The main mail server of a financial institution has been compromised at the superuser level; the only way to ensure the system is secure would be to:

• A.change the root password of the system.
• B.implement multifactor authentication.
• C.rebuild the system from the original installation medium.
• D.disconnect the mail server from the network.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the PRIMARY input when defining the desired state of security within an organization?

• A.Acceptable risk level
• B.Annual loss expectancy
• C.External audit results
• D.Level of business impact

Comment: *

Name: *

Email: *

Verification: *

The MOST important component of a privacy policy is:

• A.notifications.
• B.warranties.
• C.liabilities.
• D.geographic coverage.

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY objective of security awareness is to:

• A.ensure that security policies are understood.
• B.influence employee behavior.
• C.ensure legal and regulatory compliance
• D.notify of actions for noncompliance.

Comment: *

Name: *

Email: *

Verification: *

The MOST important reason for conducting periodic risk assessments is because:

• A.risk assessments are not always precise.
• B.security risks are subject to frequent change.
• C.reviewers can optimize and reduce the cost of controls.
• D.it demonstrates to senior management that the security function can add value.

Comment: *

Name: *

Email: *

Verification: *