The BEST way to ensure that information security policies are followed is to:

• A.distribute printed copies to all employees.
• B.perform periodic reviews for compliance.
• C.include escalating penalties for noncompliance.
• D.establish an anonymous hotline to report policy abuses.

Comment: *

Name: *

Email: *

Verification: *

Planning for the implementation of an information security program is MOST effective when it:

• A.uses decision trees to prioritize security projects
• B.applies gap analysis to current and future business plans
• C.uses risk-based analysis for security projects
• D.applies technology-driven solutions to identified needs

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST reason to perform a business impact analysis (BIA)?

• A.To help determine the current state of risk
• B.To budget appropriately for needed controls
• C.To satisfy regulatory requirements
• D.To analyze the effect on the business

Comment: *

Name: *

Email: *

Verification: *

An employee has just reported the loss of a personal mobile device containing corporate information. Which of the following should the information security manager do FIRST?

• A.Disable remote access
• B.Initiate a device reset
• C.Initiate incident response
• D.Conduct a risk assessment

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important when allowing employees to work at home using personally owned devices?

• A.Enforcing an end-point security policy
• B.Reviewing OS on personal devices
• C.Approving personally owned devices
• D.Assessing vulnerabilities of home wireless connections

Comment: *

Name: *

Email: *

Verification: *