Which of the following is an advantage of a centralized information security organizational structure?

• A.It is easier to promote security awareness.
• B.It is easier to manage and control.
• C.It is more responsive to business unit needs.
• D.It provides a faster turnaround for security requests.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST approach for data owners to use when defining access privileges for users?

• A.Define access privileges based on user roles.
• B.Adopt user account settings recommended by the vendor.
• C.Perform a risk assessment of the users' access privileges.
• D.Implement an identity and access management (IDM) tool.

Comment: *

Name: *

Email: *

Verification: *

The information security manager has been notified of a new vulnerability that affects key data processing systems within the organization Which of the following should be done FIRST?

• A.Inform senior management
• B.Re-evaluate the risk
• C.Implement compensating controls
• D.Ask the business owner for the new remediation plan

Comment: *

Name: *

Email: *

Verification: *

An organization is considering the adoption of cloud service providers for its expanding global business operations. Which of the following is MOST important for the information security manager to review with regard to data protection?

• A.Organizational requirements
• B.Local laws and regulations
• C.Data privacy policy
• D.Security policy and standards

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important success factor for maintaining an organizational security-aware culture?

• A.Senior management sign-off on security projects and resources
• B.Employee security policy acknowledgment
• C.Regular organization-wide reporting on the risk profile
• D.Regular security training and simulation exercises

Comment: *

Name: *

Email: *

Verification: *