Which of the following would be the BEST defense against sniffing?

• A.Password protect the files
• B.Implement a dynamic IP address scheme
• C.Encrypt the data being transmitted
• D.Set static mandatory access control (MAC) addresses

Comment: *

Name: *

Email: *

Verification: *

It is MOST important for an information security manager to ensure that security risk assessments are performed:

• A.in response to the threat landscape.
• B.during a root cause analysis
• C.as part of the security business case.
• D.consistently throughout the enterprise.

Comment: *

Name: *

Email: *

Verification: *

After a risk assessment, it is determined that the cost to mitigate the risk is much greater than the benefit to be derived. The information security manager should recommend to business management that the risk be:

• A.transferred.
• B.treated.
• C.accepted.
• D.terminated.

Comment: *

Name: *

Email: *

Verification: *

A benefit of using a full disclosure (white box) approach as compared to a blind (black box) approach to penetration testing is that:

• A.it simulates the real-life situation of an external security attack.
• B.human intervention is not required for this type of test.
• C.less time is spent on reconnaissance and information gathering.
• D.critical infrastructure information is not revealed to the tester.

Comment: *

Name: *

Email: *

Verification: *

Detailed business continuity plans should be based PRIMARILY on:

• A.consideration of different alternatives.
• B.the solution that is least expensive.
• C.strategies that cover all applications.
• D.strategies validated by senior management.

Comment: *

Name: *

Email: *

Verification: *