Which of the following should be an information security manager's MOST important concern to ensure admissibility of information security evidence from cyber crimes?

• A.Chain of custody
• B.Tools used for evidence analysis
• C.Forensics contractors
• D.Efficiency of the forensics team

Comment: *

Name: *

Email: *

Verification: *

An information security manager is developing a business case for an investment in an information security control. The FIRST step should be to:

• A.research vendor pricing to show cost efficiency
• B.assess potential impact to the organization
• C.demonstrate increased productivity of security staff
• D.gain audit buy-in for the security control

Comment: *

Name: *

Email: *

Verification: *

A business unit uses e-commerce with a strong password policy. Many customers complain that they cannot remember their password because they are too long and complex. The business unit states it is imperative to improve the customer experience. The information security manager should FIRST.

• A.Reach alternative secure of identify verification
• B.Change the password policy to improve the customer experience
• C.Recommended implementing two-factor authentication.
• D.Evaluate the impact of the customer's experience on business revenue.

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY reason for assigning classes of sensitivity and criticality to information resources is to provide a basis for:

• A.determining the scope for inclusion in an information security program.
• B.defining the level of access controls.
• C.justifying costs for information resources.
• D.determining the overall budget of an information security program.

Comment: *

Name: *

Email: *

Verification: *

Which two components PRIMARILY must be assessed in an effective risk analysis?

• A.Visibility and duration
• B.Likelihood and impact
• C.Probability and frequency
• D.Financial impact and duration

Comment: *

Name: *

Email: *

Verification: *