Which of the following is the MOST Important outcome of a post-Incident review?

• A.The root cause of the Incident Is determined.
• B.The impact of the incident is reported to senior management.
• C.The person responsible for the incident Is identified.
• D.The system affected by the Incident is restored to its prior state.

Comment: *

Name: *

Email: *

Verification: *

The MOST effective way to ensure that outsourced service providers comply with the organization's information security policy would be:

• A.service level monitoring.
• B.penetration testing.
• C.periodically auditing.
• D.security awareness training.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be done FIRST when selecting performance metrics to report on the vendor risk management process?

• A.Review the confidentiality requirements.
• B.Identify the data owner.
• C.Select the data source
• D.Identify the intended audience.

Comment: *

Name: *

Email: *

Verification: *

A mission-critical system has been identified as having an administrative system account with attributes that prevent locking and change of privileges and name. Which would be the BEST approach to prevent successful brute forcing of the account?

• A.Prevent the system from being accessed remotely
• B.Create a strong random password
• C.Ask for a vendor patch
• D.Track usage of the account by audit trails

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST practical control that an organization can implement to prevent unauthorized downloading of data to universal serial bus (USB) storage devices?

• A.Restrict drive usage
• B.Two-factor authentication
• C.Strong encryption
• D.Disciplinary action

Comment: *

Name: *

Email: *

Verification: *