Isolation and containment measures for a compromised computer has been taken and information security management is now investigating. What is the MOST appropriate next step?

• A.Run a forensics tool on the machine to gather evidence
• B.Reboot the machine to break remote connections
• C.Make a copy of the whole system's memory
• D.Document current connections and open Transmission Control Protocol/User Datagram Protocol (TCP/ I'DP) ports

Comment: *

Name: *

Email: *

Verification: *

2The business advantage of implementing authentication tokens is that they:

• A.provide nonrepudiation.
• B.reduce overall cost.
• C.reduce administrative workload.
• D.improve access security.

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST demonstrates that an anti-phishing campaign is effective?

• A.Decreased number of phishing emails received
• B.Improved staff attendance in awareness sessions
• C.Decreased number of incidents that have occurred
• D.Improved feedback on the anti-phishing campaign

Comment: *

Name: *

Email: *

Verification: *

Which of the following factors would have the MOST significant impact on an organization's information security governance mode?

• A.Outsourced processes
• B.Security budget
• C.Number of employees
• D.Corporate culture

Comment: *

Name: *

Email: *

Verification: *

The ULTIMATE responsibility for ensuring the objectives of an information security framework are being met belongs to:

• A.the internal audit manager.
• B.the information security officer.
• C.the steering committee.
• D.the board of directors.

Comment: *

Name: *

Email: *

Verification: *