Which of the following is the GREATEST benefit of conducting an organization-wide security awareness program?

• A.The security strategy is promoted.
• B.More security incidents are detected.
• C.Fewer security incidents are reported.
• D.Security behavior is improved.

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST enables an information security manager to determine the comprehensiveness of an organization's information security strategy?

• A.Internal security audit
• B.Business impact analysis (BIA)
• C.Organizational risk appetite
• D.External security audit

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST approach for managing user access permissions to ensure alignment with data classification?

• A.Lock out accounts after a set number of unsuccessful login attempts.
• B.Enable multi-factor authentication on user and admin accounts.
• C.Review access permissions annually or whenever job responsibilities change
• D.Delegate the management of access permissions to an independent third party.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST reason for an organization to use Disaster Recovery as a Service (DRaaS)?

• A.It eliminates the need for the business to perform testing.
• B.It lowers the annual cost to the business.
• C.It transfers the risk associated with recovery to a third party.
• D.It eliminates the need to maintain offsite facilities.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST way to help ensure an organization's risk appetite will be considered as part of the risk treatment process?

• A.Use quantitative risk assessment methods.
• B.Provide regular reporting on risk treatment to senior management
• C.Establish key risk indicators (KRIs).
• D.Require steering committee approval of risk treatment plans.

Comment: *

Name: *

Email: *

Verification: *