When performing a risk assessment, the MOST important consideration is that:

• A.management supports risk mitigation efforts.
• B.annual loss expectations (ALEs) have been calculated for critical assets.
• C.assets have been identified and appropriately valued.
• D.attack motives, means and opportunities be understood.

Comment: *

Name: *

Email: *

Verification: *

How would an information security manager balance the potentially conflicting requirements of an international organization's security standards and local regulation?

• A.Give organization standards preference over local regulations
• B.Follow local regulations only
• C.Make the organization aware of those standards where local regulations causes conflicts
• D.Negotiate a local version of the organization standards

Comment: *

Name: *

Email: *

Verification: *

When designing the technical solution for a disaster recovery site, the PRIMARY factor that should be taken into consideration is the:

• A.services delivery objective.
• B.recovery time objective (RTO).
• C.recovery window.
• D.maximum tolerable outage (MTO).

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the responsibility of a data owner?

• A.Classifying the data in accordance with security policy
• B.Testing to determine whether the data can be recovered successfully
• C.Investigating and resolving suspicious database activity
• D.Maintaining the integrity of the database

Comment: *

Name: *

Email: *

Verification: *

Which of the following steps should be performed FIRST in the risk assessment process?

• A.Staff interviews
• B.Threat identification
• C.Asset identification and valuation
• D.Determination of the likelihood of identified risks

Comment: *

Name: *

Email: *

Verification: *