An organization recently activated its business continuity plan (BCP). All employees were notified during the event, but some did not fully follow the communications plan. What is the BEST way to prevent a recurrence?
Correct Answer: C
Question 172
Which of the following would provide the BEST input to a business case for a technical solution to address potential system vulnerabilities?
Correct Answer: B
Question 173
It is important to develop an information security baseline because it helps to define:
Correct Answer: C
Developing an information security baseline helps to define the minimum acceptable security that will be implemented to protect the information resources in accordance with the respective criticality levels. Before determining the security baseline, an information security manager must establish the security policy, identify criticality levels of organization's information resources and assess the risk environment in which those resources operate.
Question 174
Which of the following is MOST helpful for protecting an enterprise from advanced persistent threats (APTs)?
Correct Answer: B
Threat intelligence is the most helpful method for protecting an enterprise from advanced persistent threats (APTs), as it provides relevant and actionable information about the sources, methods, and intentions of the adversaries who conduct APTs. Threat intelligence can help to identify and anticipate the APTs that target the enterprise, as well as to enhance the detection, prevention, and response capabilities of the information security program. Threat intelligence can also help to reduce the impact and duration of the APTs, as well as to improve the resilience and recovery of the enterprise. Threat intelligence can be obtained from various sources, such as internal data, external feeds, industry peers, government agencies, or security vendors. The other options are not as helpful as threat intelligence, as they do not provide a specific and timely way to protect the enterprise from APTs. Updated security policies are important to establish the rules, roles, and responsibilities for information security within the enterprise, as well as to align the information security program with the business objectives, standards, and regulations. However, updated security policies alone are not enough to protect the enterprise from APTs, as they do not address the dynamic and sophisticated nature of the APTs, nor do they provide the technical or operational measures to counter the APTs. Defined security standards are important to specify the minimum requirements and best practices for information security within the enterprise, as well as to ensure the consistency, quality, and compliance of the information security program. However, defined security standards alone are not enough to protect the enterprise from APTs, as they do not account for the customized and targeted nature of the APTs, nor do they provide the situational or contextual awareness to deal with the APTs. Regular antivirus updates are important to keep the antivirus software up to date with the latest signatures and definitions of the known malware, viruses, and other malicious code. However, regular antivirus updates alone are not enough to protect the enterprise from APTs, as they do not detect or prevent the unknown or zero-day malware, viruses, or other malicious code that are often used by the APTs, nor do they provide the behavioral or heuristic analysis to identify the APTs. References = * CISM Review Manual, 16th Edition, ISACA, 2022, pp. 211-212, 215-216, 233-234, 237-238. * CISM Questions, Answers & Explanations Database, ISACA, 2022, QID 1021. * Advanced Persistent Threats and Nation-State Actors 1 * Book Review: Advanced Persistent Threats 2 * Advanced Persistent Threat (APT) Protection 3 * Establishing Advanced Persistent Security to Combat Long-Term Threats 4 * What is the difference between Anti - APT (Advanced Persistent Threat) and ATP (Advanced Threat Protection)5
Question 175
Which of the following is the BEST way to ensure that organizational security policies comply with data security regulatory requirements?
