Which of the following should be the PRIMARY driver for selecting and implementing appropriate controls to address the risk associated with weal user passwords?

• A.The organization's risk tolerance
• B.The cost of risk mitigation controls
• C.The organization's culture
• D.Direction from senior management

Comment: *

Name: *

Email: *

Verification: *

Which of the following would BEST help to ensure compliance with an organization's information security requirements by an IT service provider?

• A.Defining information security requirements with internal IT
• B.Requiring regular reporting frame the IT service provider
• C.Requiring an external security audit of the IT service provider
• D.Defining the business recovery plan with the IT service provider

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST reason to develop comprehensive information security policies?

• A.To comply with external industry and government regulations
• B.To support development of effective risk indicators
• C.To align the information security program to organizational strategy
• D.To gain senior management support for the information security program

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important when establishing a successful information security governance framework?

• A.Determining balanced scorecard metrics for information security
• B.Selecting information security steering committee members
• C.Developing an Information security strategy
• D.Identifying information security risk scenarios

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST efficient tool for identifying advanced persistent threats (APTs)?

• A.Security incident and event management (SIEM) tool
• B.Intrusion detection system (IDS)
• C.Web application firewall
• D.Internet gateway filter

Comment: *

Name: *

Email: *

Verification: *