Which of the following would be the MOST significant security risk in a pharmaceutical institution?

• A.Compromised customer information
• B.Unavailability of online transactions
• C.Theft of security tokens
• D.Theft of a Research and Development laptop

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the PRIMARY driver for selecting and implementing appropriate controls to address the risk associated with weal user passwords?

• A.The organization's risk tolerance
• B.The organization's culture
• C.Direction from senior management
• D.The cost of risk mitigation controls

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST indication of effective information security governance?

• A.Information security is considered the responsibility of the entire information security team.
• B.Information security controls are assigned to risk owners.
• C.Information security is integrated into corporate governance.
• D.Information security governance is based on an external security framework.

Comment: *

Name: *

Email: *

Verification: *

The root cause of a successful cross site request forgery (XSRF) attack against an application is that the vulnerable application:

• A.uses multiple redirects for completing a data commit transaction.
• B.has implemented cookies as the sole authentication mechanism.
• C.has been installed with a non-legitimate license key.
• D.is hosted on a server along with other applications.

Comment: *

Name: *

Email: *

Verification: *

An employee is found to be using an external cloud storage service to share corporate information with a third-party consultant, which is against company policy. Which of the following should be the information security manager's FIRST course of action?

• A.Determine the classification level of the information.
• B.Seek business justification from the employee.
• C.Block access to the cloud storage service.
• D.Inform higher management a security breach.

Comment: *

Name: *

Email: *

Verification: *