Priority should be given to which of the following to ensure effective implementation of information security governance?

• A.Consultation
• B.Negotiation
• C.Facilitation
• D.Planning

Comment: *

Name: *

Email: *

Verification: *

Which of the following would be the BEST way for an information security manager to improve the effectiveness of an organization's information security program?

• A.Focus on addressing conflicts between security and performance.
• B.Include information security requirements in the change control process.
• C.Obtain assistance from IT to implement automated security cantrals.
• D.Collaborate with business and IT functions in determining controls.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important step in risk ranking?

• A.Impact assessment
• B.Threat assessment
• C.Mitigation cost
• D.Vulnerability analysis

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important to evaluate after completing a risk action plan?

• A.Threat profile
• B.Inherent risk
• C.Residual risk
• D.Vulnerability landscape

Comment: *

Name: *

Email: *

Verification: *

When developing an incident escalation process, the BEST approach is to classify incidents based on:

• A.estimated time to recover.
• B.information assets affected.
• C.recovery point objectives (RPOs).
• D.their root causes.

Comment: *

Name: *

Email: *

Verification: *