The PRIMARY goal of a post-incident review should be to

• A.identify policy changes to prevent a recurrence
• B.determine how to improve the incident handling process
• C.establish the cost of the incident to the business.
• D.determine why the incident occurred

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important objective of testing a security incident response plan?

• A.Ensure the thoroughness of the response plan.
• B.Verify the response assumptions are valid
• C.Confirm that systems are recovered in the proper order.
• D.Validate the business impact analysis (BIA).

Comment: *

Name: *

Email: *

Verification: *

Which of the following should provide the PRIMARY justification to approve the implementation of a disaster recovery (DR) site on the recommendation of an external audit report?

• A.Regulatory requirements
• B.Security controls at the DR site
• C.Recovery time objectives (RTOs)
• D.Cost-benefit analysis

Comment: *

Name: *

Email: *

Verification: *

An organization finds unauthorized software has been installed on a number of workstations. The software was found to contain a Trojan which had been uploading data to an unknown external party. Which of the following would have BEST prevented the installation of the unauthorized software?

• A.Removing local administrator rights
• B.Implementing application blacklisting
• C.Implementing an intrusion detection system (IDS)
• D.Banning executable file downloads at the Internet firewall

Comment: *

Name: *

Email: *

Verification: *

An awareness program is implemented to mitigate the risk of infections introduced through the use of social media. Which of the following will BEST determine the effectiveness of the awareness program?

• A.A post-awareness program survey
• B.A quiz based on the awareness program materials
• C.A simulated social engineering attack
• D.Employee attendance rate at the awareness program

Comment: *

Name: *

Email: *

Verification: *