An information security manager has completed a risk assessment and has determined the residual risk.
Which of the following should be the NEXT step?

• A.Conduct an evaluation of controls
• B.Determine if the risk is within the risk appetite
• C.Implement countermeasures to mitigate risk
• D.Classify all identified risks

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important consideration when securing customer credit card data acquired by a point-of-sale (POS) cash register?

• A.Authentication
• B.Hardening
• C.Encryption
• D.Nonrepudiation

Comment: *

Name: *

Email: *

Verification: *

A post-incident review should be conducted by an incident management team to determine:

• A.relevant electronic evidence.
• B.lessons learned.
• C.hacker's identity.
• D.areas affected.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should occur FIRST in the process of managing security risk associated with the transfer of data from unsupported legacy systems to supported systems?

• A.Make backups of the affected systems prior to transfer.
• B.Increase cyber insurance coverage.
• C.Assign owners to be responsible for the transfer of each asset.
• D.Identify all information assets in the legacy environment.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the MOST important consideration when reporting sensitive risk-related information to stakeholders?

• A.Ensuring nonrepudiation of communication
• B.Consulting with the public relations director
• C.Transmitting the internal communication securely
• D.Customizing the communication to the audience

Comment: *

Name: *

Email: *

Verification: *