An organization is adopting a standardized corporate chat messaging technology to help facilitate communication among business units. Which of the following is an ESSENTIAL task associated with this initiative?

• A.Restricting the use of the technology in departments with sensitive information
• B.Enforcing encryption of chat communications
• C.Increasing security and operational staffing to support the technology
• D.Reviewing existing organizational policies regarding the new technology

Comment: *

Name: *

Email: *

Verification: *

Which of the following would provide the BEST evidence to senior management that security control performance has improved?

• A.Results of an emerging threat analysis
• B.Review of security metrics trends
• C.Reduction in inherent risk
• D.Demonstrated return on security investment

Comment: *

Name: *

Email: *

Verification: *

When performing a business impact analysis (BIA), who should be responsible for determining the initial recovery time objective (RTO)?

• A.Information owner
• B.Information security manager
• C.External consultant
• D.Business continuity coordinator

Comment: *

Name: *

Email: *

Verification: *

While classifying information assets an information security manager notices that several production databases do not have owners assigned to them What is the BEST way to address this situation?

• A.Assign responsibility to the database administrator (DBA).
• B.Review the databases for sensitive content.
• C.Prepare a report of the databases for senior management.
• D.Assign the highest classification level to those databases.

Comment: *

Name: *

Email: *

Verification: *

Deciding the level of protection a particular asset should be given in BEST determined by:

• A.a risk analysis.
• B.corporate risk appetite.
• C.a threat assessment.
• D.a vulnerability assessment.

Comment: *

Name: *

Email: *

Verification: *