Which of the following features is normally missing when using Secure Sockets Layer (SSL) in a web browser?

• A.Certificate-based authentication of web client
• B.Certificate-based authentication of web server
• C.Data confidentiality between client and web server
• D.Multiple encryption algorithms

Comment: *

Name: *

Email: *

Verification: *

When testing an incident response plan for recovery from a ransomware attack, which of the following is MOST important to verify?

• A.Digital currency is immediately available.
• B.Network access requires two-factor authentication.
• C.Data backups are recoverable from an offsite location.
• D.An alternative network link is immediately available.

Comment: *

Name: *

Email: *

Verification: *

The use of a business case to obtain funding for an information security investment is MOST effective when the business case:

• A.realigns information security objectives to organizational strategy,
• B.translates information security policies and standards into business requirements.
• C.relates the investment to the organization's strategic plan.
• D.articulates management s intent and information security directives in clear language.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST metric for evaluating the effectiveness of security awareness twining?
The number of:

• A.password resets.
• B.reported incidents.
• C.incidents resolved.
• D.access rule violations.

Comment: *

Name: *

Email: *

Verification: *

A daily monitoring report reveals that an IT employee made a change to a firewall rule outside of the change control process. The information security manager's FIRST step in addressing the issue should be to:

• A.require that the change be reversed
• B.review the change management process
• C.perform an analysis of the change
• D.report the event to senior management

Comment: *

Name: *

Email: *

Verification: *