Which of the following is the MOST important guideline when using software to scan for security exposures within a corporate network?

• A.Never use open source tools
• B.Focus only on production servers
• C.Follow a linear process for attacks
• D.Do not interrupt production processes

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY objective of security awareness is to:

• A.ensure that security policies are understood.
• B.influence employee behavior.
• C.ensure legal and regulatory compliance
• D.notify of actions for noncompliance.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is an information security manager's BEST course of action to address a significant materialized risk that was not prevented by organizational controls?

• A.Perform root cause analysis.
• B.Invoke the incident response plan.
• C.Update the business impact analysis (BIA)
• D.Update the risk register.

Comment: *

Name: *

Email: *

Verification: *

To BEST improve the alignment of the information security objectives in an organization, the chief information security officer (CISO) should:

• A.revise the information security program.
• B.evaluate a balanced business scorecard.
• C.conduct regular user awareness sessions.
• D.perform penetration tests.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important outcome of a well-implemented awareness program?

• A.Help desk response time to resolve incidents is improved.
• B.The number of successful social engineering attacks is reduced.
• C.The board is held accountable for risk management.
• D.The number of reported security incidents steadily decreases.

Comment: *

Name: *

Email: *

Verification: *