Which of the following is the MOST important consideration when establishing an organization's information security governance committee?

• A.Members are rotated periodically.
• B.Members represent functions across the organization.
• C.Members are business risk owners.
• D.Members have knowledge of information security controls.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important for building 4 robust information security culture within an organization?

• A.Strict enforcement of employee compliance with organizational security policies
• B.Senior management approval of information security policies
• C.Security controls embedded within the development and operation of the IT environment
• D.Mature information security awareness training across the organization

Comment: *

Name: *

Email: *

Verification: *

An information security manager developing an incident response plan MUST ensure it includes:

• A.an inventory of critical data.
• B.criteria for escalation.
• C.a business impact analysis (BIA).
• D.critical infrastructure diagrams.

Comment: *

Name: *

Email: *

Verification: *

In which cloud model does the cloud service buyer assume the MOST security responsibility?

• A.Platform as a Service (PaaS)
• B.Software as a Service (SaaS)
• C.Disaster Recovery as a Service (DRaaS)
• D.Infrastructure as a Service (laaS)

Comment: *

Name: *

Email: *

Verification: *

An information security team has discovered that users are sharing a login account to an application with sensitive information, in violation of the access policy. Business management indicates that the practice creates operational efficiencies. What is the information security manager's BEST course of action?

• A.Enforce the policy.
• B.Present the risk to senior management.
• C.Create an exception for the deviation.
• D.Modify the policy.

Comment: *

Name: *

Email: *

Verification: *