The BEST way to identify the risk associated with a social engineering attack is to An organization has acquired a company that manufactures Internet of Things (loT) devices What should the information security manager do NEXT?

• A.Conduct a vulnerability assessment.
• B.Review the acquired company's data sharing agreements.
• C.Review the acquired company's audit reports.
• D.Update the information security strategy.

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST ensures that modifications made to in-house developed business applications do not introduce new security exposures?

• A.Stress testing
• B.Patch management
• C.Change management
• D.Security baselines

Comment: *

Name: *

Email: *

Verification: *

Evidence from a compromised server has to be acquired for a forensic investigation. What would be the BEST source?

• A.A bit-level copy of all hard drive data
• B.The last verified backup stored offsite
• C.Data from volatile memory
• D.Backup servers

Comment: *

Name: *

Email: *

Verification: *

An information security manager is developing a new information security strategy. Which of the following functions would serve as the BEST resource to review the strategy and provide guidance for business alignment?

• A.The board of directors
• B.The legal department
• C.Internal audit
• D.The steering committee

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST reason to develop comprehensive information security policies?

• A.To comply with external industry and government regulations
• B.To support development of effective risk indicators
• C.To align the information security program to organizational strategy
• D.To gain senior management support for the information security program

Comment: *

Name: *

Email: *

Verification: *