Who should be responsible for enforcing access rights to application data?

• A.Data owners
• B.Business process owners
• C.The security steering committee
• D.Security administrators

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important reason for an organization to communicate to affected parties that a security incident has occurred?

• A.To comply with regulations regarding notification
• B.To increase goodwill toward the organization
• C.To disclose the root cause of the incident
• D.To improve awareness of information security

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST ensures timely and reliable access to services?

• A.Availability
• B.Nonrepudiation
• C.Authenticity
• D.Recovery lime objective (RTO)

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST helpful to management in determining whether risks are within an organization's tolerance level?

• A.Maturity level
• B.Heat map
• C.Audit findings
• D.Penetration test results

Comment: *

Name: *

Email: *

Verification: *

It is MOST important for an information security manager to ensure that security risk assessments are performed:

• A.consistently throughout the enterprise
• B.during a root cause analysis
• C.as part of the security business case
• D.in response to the threat landscape

Comment: *

Name: *

Email: *

Verification: *