A web server in a financial institution that has been compromised using a super-user account has been isolated, and proper forensic processes have been followed. The next step should be to:

• A.rebuild the server from the last verified backup.
• B.place the web server in quarantine.
• C.shut down the server in an organized manner.
• D.rebuild the server with original media and relevant patches.

Comment: *

Name: *

Email: *

Verification: *

Information security policies should:

• A.address corporate network vulnerabilities.
• B.address the process for communicating a violation.
• C.be straightforward and easy to understand.
• D.be customized to specific groups and roles.

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY purpose of performing an internal attack and penetration test as part of an incident response program is to identify:

• A.weaknesses in network and server security.
• B.ways to improve the incident response process.
• C.potential attack vectors on the network perimeter.
• D.the optimum response to internal hacker attacks.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is an information security manager's BEST course of action to address a significant materialized risk that was not prevented by organizational controls?

• A.Update the risk register.
• B.Invoke the incident response plan.
• C.Update the business impact analysis (BIA)
• D.Perform root cause analysis.

Comment: *

Name: *

Email: *

Verification: *

An information security manager is implementing a bring your own device (BYOD) program. Which of the following would BES ensure that users adhere to the security standards?

• A.Monitor user activities on the network.
• B.Deploy a device management solution.
• C.Establish an acceptable use policy.
• D.Publish the standards on the intranet landing page.

Comment: *

Name: *

Email: *

Verification: *