To implement a security framework, an information security manager must FIRST develop:

• A.security standards.
• B.security procedures.
• C.a security policy.
• D.security guidelines.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important to consider when prioritizing threats during the risk assessment process?

• A.The threat landscape within the industry
• B.The potential impact on operations
• C.Regulatory requirements on the organization
• D.The severity of exploited vulnerabilities

Comment: *

Name: *

Email: *

Verification: *

Which of the following approaches to communication with senior management BEST enables an information security manager to maximize the effectiveness of the information security program?

• A.Reporting on industry security threats with potential impact to business objectives
• B.Conducting periodic one-on-one meetings to align security with business objectives
• C.Providing regular status of updates to security policies and standards
• D.Participating in operational review meetings to discuss daily operations and dependencies

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST method to protect the confidentiality of data transmitted over the Internet?

• A.Message hashing
• B.Multi-factor authentication
• C.Transport Layer Security (TLS)
• D.Network address translation (NAT)

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST reason for senior management to support a business case for developing a monitoring system for a critical application?

• A.An industry peer experienced a recent breach with a similar application.
• B.The cost of implementing the system is less than the impact of downtime.
• C.The solution is within the organization's risk tolerance.
• D.The system can be replicated for additional use cases.

Comment: *

Name: *

Email: *

Verification: *