Which of the following methods is the BEST way to demonstrate that an information security program provides appropriate coverage?

• A.Maturity assessment
• B.Gap assessment
• C.Security risk analysis
• D.Vulnerability scan report

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST facilitates an information security manager's efforts to obtain senior management commitment for an information security program?

• A.Presenting evidence of inherent risk
• B.Reporting the security maturity level
• C.Communicating the residual risk
• D.Presenting compliance requirements

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST indication of information security strategy alignment with the "&

• A.Percentage of corporate budget allocated to information security initiatives
• B.Number of business executives who have attended information security awareness sessions
• C.Number of business objectives directly supported by information security initiatives
• D.Percentage of information security incidents resolved within defined service level agreements (SLAs)

Comment: *

Name: *

Email: *

Verification: *

Which of the following would BEST justify continued investment in an information security program?

• A.Reduction in residual risk
• B.Security framework alignment
• C.Speed of implementation
• D.Industry peer benchmarking

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST helpful for determining which information security policies should be implemented by an organization?

• A.Industry best practices
• B.Risk assessment
• C.Business impact analysis (BIA)
• D.Vulnerability assessment

Comment: *

Name: *

Email: *

Verification: *