Which of the following should be the PRIMARY focus of a lessons learned exercise following a successful response to a cybersecurity incident?

• A.Establishing the root cause of the incident
• B.Identifying attack vectors utilized in the incident
• C.When business operations were restored after the incident
• D.How incident management processes were executed

Comment: *

Name: *

Email: *

Verification: *

An information security strategy document that includes specific links to an organization's business activities is PRIMARILY an indicator of:

• A.performance measurement.
• B.integration.
• C.alignment.
• D.value delivery.

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY purpose of aligning information security with corporate governance objectives is to:

• A.identify an organization's tolerance for risk.
• B.consistently manage significant areas of risk.
• C.re-align roles and responsibilities.
• D.build capabilities to improve security processes.

Comment: *

Name: *

Email: *

Verification: *

Following a risk assessment, an organization has made the decision to adopt a bring your own device (BYOD) strategy. What should the information security manager do NEXT?

• A.Develop a personal device policy
• B.Implement a mobile device management (MDM) solution
• C.Develop training specific to BYOD awareness
• D.Define control requirements

Comment: *

Name: *

Email: *

Verification: *

Successful implementation of information security governance will FIRST require:

• A.security awareness training.
• B.updated security policies.
• C.a computer incident management team.
• D.a security architecture.

Comment: *

Name: *

Email: *

Verification: *