Which of the following is the MOST important reason for an organization to communicate to affected parties that a security incident has occurred?

• A.To improve awareness of information security
• B.To disclose the root cause of the incident
• C.To increase goodwill toward the organization
• D.To comply with regulations regarding notification

Comment: *

Name: *

Email: *

Verification: *

The GREATEST benefit of choosing a private cloud over a public cloud would be:

• A.server protection.
• B.collection of data forensics.
• C.online service availability.
• D.containment of customer data.

Comment: *

Name: *

Email: *

Verification: *

The recovery time objective (RTO) is reached at which of the following milestones?

• A.Disaster declaration
• B.Recovery of the backups
• C.Restoration of the system
• D.Return to business as usual processing

Comment: *

Name: *

Email: *

Verification: *

Which of the following is an information security manager's BEST course of action to address a significant materialized risk that was not prevented by organizational controls?

• A.Update the risk register.
• B.Update the business impact analysis (BIA)
• C.Perform root cause analysis.
• D.Invoke the incident response plan.

Comment: *

Name: *

Email: *

Verification: *

To ensure appropriate control of information processed in IT systems, security safeguards should be based PRIMARILY on:

• A.criteria consistent with classification levels
• B.established guidelines
• C.overall IT capacity and operational constraints
• D.efficient technical processing considerations

Comment: *

Name: *

Email: *

Verification: *