The PRIMARY purpose of aligning information security with corporate governance objectives is to:

• A.consistently manage significant areas of risk.
• B.re-align roles and responsibilities.
• C.identify an organization's tolerance for risk.
• D.build capabilities to improve security processes.

Comment: *

Name: *

Email: *

Verification: *

A company has a network of branch offices with local file/print and mail servers; each branch individually contracts a hot site. Which of the following would be the GREATEST weakness in recovery capability?

• A.Exclusive use of the hot site is limited to six weeks
• B.The hot site may have to be shared with other customers
• C.The time of declaration determines site access priority
• D.The provider services all major companies in the area

Comment: *

Name: *

Email: *

Verification: *

After obtaining commitment from senior management, which of the following should be completed NEXT when establishing an information security program?

• A.Define security metrics
• B.Conduct a risk assessment
• C.Perform a gap analysis
• D.Procure security tools

Comment: *

Name: *

Email: *

Verification: *

An intranet server should generally be placed on the:

• A.internal network.
• B.firewall server.
• C.external router.
• D.primary domain controller.

Comment: *

Name: *

Email: *

Verification: *

An organization is concerned with the risk of information leakage caused by incorrect use of personally owned smart devices by employees. What is the BEST way for the information security manager to mitigate the associated risk?

• A.Require employees to sign a nondisclosure agreement (NDA).
• B.Implement a mobile device management (MDM) solution.
• C.Document a bring-your-own-device (BYOD) policy.
• D.Implement a multi-factor authentication (MFA) solution.

Comment: *

Name: *

Email: *

Verification: *