In business-critical applications, user access should be approved by the:

• A.information security manager.
• B.data owner.
• C.data custodian.
• D.business management.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST closely associated with a business continuity program?

• A.Confirming that detailed technical recovery plans exist
• B.Periodically testing network redundancy
• C.Updating the hot site equipment configuration every quarter
• D.Developing recovery time objectives (RTOs) for critical functions

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important risk associated with middleware in a client-server environment?

• A.Server patching may be prevented
• B.System backups may be incomplete
• C.System integrity may be affected
• D.End-user sessions may be hijacked

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST tool to maintain the currency and coverage of an information security program within an organization?

• A.The program's governance oversight mechanisms
• B.Information security periodicals and manuals
• C.The program's security architecture and design
• D.Training and certification of the information security team

Comment: *

Name: *

Email: *

Verification: *

A risk profile support effective security decisions PRIMARILY because it:

• A.defines how the best mitigate future risks.
• B.identifies priorities for risk reduction.
• C.enables comparison with industry best practices.
• D.describes security threats.

Comment: *

Name: *

Email: *

Verification: *