Which of the following is the MOST important reason for obtaining input from risk owners when implementing controls?

• A.To reduce risk mitigation costs
• B.To resolve vulnerabilities in enterprise architecture (EA)
• C.To manage the risk to an acceptable level
• D.To eliminate threats impacting the business

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important to consider when aligning a security awareness program with the organization's business strategy?

• A.People and culture
• B.Regulations and standards
• C.Processes and technology
• D.Executive and board directives

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST ensures timely and reliable access to services?

• A.Authenticity
• B.Availability
• C.Nonrepudiation
• D.Recovery time objective (RTO)

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST approach to incident response for an organization migrating to a cloud-based solution?

• A.Revise incident response procedures to encompass the cloud environment.
• B.Continue using the existing incident response procedures.
• C.Adopt the cloud provider's incident response procedures.
• D.Transfer responsibility for incident response to the cloud provider.

Comment: *

Name: *

Email: *

Verification: *

When choosing the best controls to mitigate risk to acceptable levels, the information security manager's decision should be MAINLY driven by:

• A.cost-benefit analysis,
• B.best practices.
• C.regulatory requirements.
• D.control framework

Comment: *

Name: *

Email: *

Verification: *