Which of the following is the MOST effective way to demonstrate alignment of information security strategy with business objectives?

• A.Balanced scorecard
• B.Risk matrix
• C.Benchmarking
• D.Heat map

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the PRIMARY benefit of implementing a vulnerability assessment process?

• A.Compliance status is improved.
• B.Proactive risk management is facilitated.
• C.Threat management is enhanced.
• D.Security metrics are enhanced.

Comment: *

Name: *

Email: *

Verification: *

The BEST way to identify the risk associated with a social engineering attack is to:

• A.test user knowledge of information security practices.
• B.monitor the intrusion detection system (IDS),
• C.perform a business risk assessment of the email filtering system.
• D.review single sign-on (SSO) authentication lags.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST indication of effective information security governance?

• A.Information security controls are assigned to risk owners.
• B.Information security is considered the responsibility of the entire information security team.
• C.Information security governance is based on an external security framework.
• D.Information security is integrated into corporate governance.

Comment: *

Name: *

Email: *

Verification: *

An organization's main product is a customer-facing application delivered using Software as a Service (SaaS). The lead security engineer has just identified a major security vulnerability at the primary cloud provider. Within the organization, who is PRIMARILY accountable for the associated task?

• A.The security engineer
• B.The application owner
• C.The information security manager
• D.The data owner

Comment: *

Name: *

Email: *

Verification: *