Senior management wants to provide mobile devices to its sales force. Which of the following should the Information security manager do FIRST to support this objective?

• A.Develop an acceptable use policy.
• B.Research mobile device management (MDM) solutions.
• C.Conduct a vulnerability assessment on the devices.
• D.Assess risks introduced by the technology

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important to understand when developing a meaningful information security strategy?

• A.Regulatory environment
• B.International security standards
• C.Organizational risks
• D.Organizational goals

Comment: *

Name: *

Email: *

Verification: *

For an organization that provides web-based services, which of the following security events would MOST likely initiate an incident response plan and be escalated to management?

• A.Multiple failed login attempts on an employee's workstation
• B.Suspicious network traffic originating from the demilitarized zone (DMZ)
• C.Several port scans of the web server
• D.Anti-malware alerts on several employees' workstations

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important in determining whether a disaster recovery test is successful?

• A.Only business data files from offsite storage are used
• B.IT staff fully recovers the processing infrastructure
• C.Critical business processes are duplicated
• D.All systems are restored within recovery time objectives (RTOs)

Comment: *

Name: *

Email: *

Verification: *

In the course of responding 10 an information security incident, the BEST way to treat evidence for possible legal action is defined by:

• A.international standards.
• B.local regulations.
• C.generally accepted best practices.
• D.organizational security policies.

Comment: *

Name: *

Email: *

Verification: *