An organization is considering the deployment of encryption software and systems organization-wide. The MOST important consideration should be whether:

• A.data can be recovered if the encryption keys are misplaced
• B.a classification policy has been developed to incorporate the need for encryption,
• C.the implementation supports the business strategy.
• D.the business strategy includes exceptions to the encryption standard.

Comment: *

Name: *

Email: *

Verification: *

Which of the following would provide the MOST comprehensive view of the effectiveness of the information security function within an organization?

• A.A balanced scorecard
• B.An interview with senior managers
• C.Examples of compliance with security processes
• D.An incident reporting system

Comment: *

Name: *

Email: *

Verification: *

When information security management is receiving an increased number of false positive incident reports, which of the following is MOST important to review?

• A.The security awareness programs
• B.The risk management processes
• C.Firewall logs
• D.Post-incident analysis results

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST defense against distributed denial of service (DDoS) attacks?

• A.Multiple and redundant paths
• B.Well-configured routers and firewalls
• C.Regular patching
• D.Intruder-detection lockout

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST way to prevent recurrence of a security incident?

• A.Review and update security policy on a regular basis
• B.An appropriate investigation into the root cause with corrective measures applied
• C.An expanded and more effective monitoring and detection process for incidents
• D.Management support and approval of the incident response plan

Comment: *

Name: *

Email: *

Verification: *