Which of the following is MOST helpful for aligning security operations with the IT governance framework?

• A.Security operations program
• B.Security risk assessment
• C.Information security policy
• D.Business impact analysis (BIA)

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the sole responsibility of the client organization when adopting a Software as a Service (SaaS) model?

• A.Host patching
• B.Data classification
• C.Infrastructure hardening
• D.Penetration testing

Comment: *

Name: *

Email: *

Verification: *

An organization plans to offer clients a new service that is subject to regulations. What should the organization do FIRST when developing a security strategy in support of this new service?

• A.Hire new resources to support the service.
• B.Perform a gap analysis against the current state
• C.Establish a compliance program,
• D.Determine security controls for the new service.

Comment: *

Name: *

Email: *

Verification: *

A PRIMARY purpose of creating security policies is to:

• A.define allowable security boundaries.
• B.implement management's security governance strategy.
• C.establish the way security tasks should be executed.
• D.communicate management's security expectations.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the PRIMARY objective of the information security incident response process?

• A.Classifying incidents
• B.Communicating with internal and external parties
• C.Conducting incident triage
• D.Minimizing negative impact to critical operations

Comment: *

Name: *

Email: *

Verification: *