The MOST basic requirement for an information security governance program is to:

• A.be aligned with the corporate business strategy.
• B.be based on a sound risk management approach.
• C.provide adequate regulatory compliance.
• D.provide best practices for security- initiatives.

Comment: *

Name: *

Email: *

Verification: *

Which of the following will MOST likely reduce the chances of an unauthorized individual gaining access to computing resources by pretending to be an authorized individual needing to have his, her password reset?

• A.Performing reviews of password resets
• B.Conducting security awareness programs
• C.Increasing the frequency of password changes
• D.Implementing automatic password syntax checking

Comment: *

Name: *

Email: *

Verification: *

Which of the ager to regularly report to senior management?

• A.Impact of untreated risks
• B.Threat analysis reports
• C.Results of penetration tests
• D.Audit reports

Comment: *

Name: *

Email: *

Verification: *

Which of the following defines the MOST comprehensive set of security requirements for a newly developed information system?

• A.Audit findings
• B.Baseline controls
• C.Key risk indicators (KRls)
• D.Risk assessment results

Comment: *

Name: *

Email: *

Verification: *

A large organization is considering a policy that would allow employees to bring their own smartphones into the organizational environment. The MOST important concern to the information security manager should be the:

• A.higher costs in supporting end users
• B.impact on network capacity
• C.decrease in end user productivity
• D.lack of a device management solution

Comment: *

Name: *

Email: *

Verification: *