To prevent computers on the corporate network from being used as part of a distributed denial of service attack, the information security manager should use:

• A.incoming traffic filtering
• B.outgoing traffic filtering
• C.IT security policy dissemination
• D.rate limiting

Comment: *

Name: *

Email: *

Verification: *

What should be the PRIMARY basis for developing an organization's information security program?

• A.Information security strategy
• B.Regulatory compliance strategy
• C.Organizational strategy
• D.Customer service strategy

Comment: *

Name: *

Email: *

Verification: *

An organization has purchased an Internet sales company to extend the sales department. The information security manager's FIRST step to ensure the security policy framework encompasses the new business model is to:

• A.perform a gap analysis.
• B.implement both companies' policies separately
• C.merge both companies' policies
• D.perform a vulnerability assessment

Comment: *

Name: *

Email: *

Verification: *

Which of the following should an information security manager do FIRST after learning through mass media of a data breach at the organization's hosted payroll service provider?

• A.Suspend the data exchange with the provider
• B.Notify appropriate regulatory authorities of the breach.
• C.Initiate the business continuity plan (BCP)
• D.Validate the breach with the provider

Comment: *

Name: *

Email: *

Verification: *

A multinational organization operating in fifteen countries is considering implementing an information security program. Which factor will MOST influence the design of the Information security program?

• A.Representation by regional business leaders
• B.Composition of the board
• C.Cultures of the different countries
• D.IT security skills

Comment: *

Name: *

Email: *

Verification: *