An information security program should be sponsored by:

• A.infrastructure management.
• B.the corporate audit department.
• C.key business process owners.
• D.information security management.

Comment: *

Name: *

Email: *

Verification: *

Which of the following actions should lake place immediately after a security breach is reported to an information security manager?

• A.Confirm the incident
• B.Determine impact
• C.Notify affected stakeholders
• D.Isolate the incident

Comment: *

Name: *

Email: *

Verification: *

To set security expectations across the enterprise, it is MOST important for the information security policy to be regularly reviewed and endorsed by:

• A.senior management.
• B.the IT steering committee.
• C.security administrators.
• D.the chief information security officer (CISO).

Comment: *

Name: *

Email: *

Verification: *

Which of the following would BEST help to ensure the alignment between information security and business functions?

• A.Providing funding for information security efforts
• B.Establishing a security awareness program
• C.Establishing an information security governance committee
• D.Developing information security polices

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important function of an information security steering committee?

• A.Assigning data classifications to organizational assets
• B.Developing organizational risk assessment processes
• C.Obtaining multiple perspectives from the business
• D.Defining security standards for logical access controls

Comment: *

Name: *

Email: *

Verification: *