A risk assessment study carried out by an organization noted that there is no segmentation of the local area network (LAN). Network segmentation would reduce the potential impact of which of the following?

• A.Denial of service (DoS) attacks
• B.Traffic sniffing
• C.Virus infections
• D.IP address spoofing

Comment: *

Name: *

Email: *

Verification: *

An employee has just reported the loss of a personal mobile device containing corporate information.
Which of the following should the information security manager do FIRST?

• A.Disable remote access
• B.Initiate a device reset
• C.Initiate incident response
• D.Conduct a risk assessment

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST approach to mitigate online brute-force attacks on user accounts?

• A.Passwords stored in encrypted form
• B.User awareness
• C.Strong passwords that are changed periodically
• D.Implementation of lock-out policies

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY reason for creating a business case when proposing an information security project is to:

• A.ensure relevant business parties are involved in the project.
• B.establish the value of the project with regard to regulatory compliance.
• C.ensure comprehensive security controls are identified.
• D.establish the value of the project in relation to business objectives.

Comment: *

Name: *

Email: *

Verification: *

Which of the following would be the BEST indicator that an organization is appropriately managing risk?

• A.Risk assessment results are within tolerance
• B.The number of events reported from the intrusion detection system has declined
• C.The number of security incident events reported by staff has increased
• D.A penetration test does not identify any high-risk system vulnerabilities

Comment: *

Name: *

Email: *

Verification: *