Which of the following is a desired outcome of information security governance?

• A.Penetration test
• B.Improved risk management
• C.Business agility
• D.A maturity model

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important when selecting a third-party security operations center?

• A.Business continuity plans
• B.Independent controls assessment
• C.Incident response plans
• D.Indemnity clauses

Comment: *

Name: *

Email: *

Verification: *

The fundamental purpose of establishing security metrics is to:

• A.increase return on investment (ROI)
• B.provide feedback on control effectiveness
• C.adopt security best practices
• D.establish security benchmarks

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important outcome of senior management's analysis of information security metrics?

• A.The integration of information security with corporate governance
• B.The establishment of a risk acceptance process
• C.The alignment of the information security budget to corporate funding
• D.The alignment of security and IT objectives

Comment: *

Name: *

Email: *

Verification: *

A web server in a financial institution that has been compromised using a super-user account has been isolated, and proper forensic processes have been followed. The next step should be to:

• A.rebuild the server from the last verified backup.
• B.place the web server in quarantine.
• C.shut down the server in an organized manner.
• D.rebuild the server with original media and relevant patches.

Comment: *

Name: *

Email: *

Verification: *