Which of the following is the BEST defense against successful phishing attacks?

• A.Intrusion detection system
• B.Application hardening
• C.End-user awareness
• D.Spam filters

Comment: *

Name: *

Email: *

Verification: *

The head of a business operations department asks to review the entire IT risk register. Which of the following would be the risk manager s BEST approach to this request before sharing the register?

• A.Escalate to senior management
• B.Determine the purpose of the request
• C.Sanitize portions of the register
• D.Require a nondisclosure agreement.

Comment: *

Name: *

Email: *

Verification: *

When prioritizing risk response, management should FIRST:

• A.evaluate the organization's ability and expertise to implement the solution.
• B.evaluate the risk response of similar organizations.
• C.determine which risk factors have high remediation costs.
• D.address high risk factors that have efficient and effective solutions.

Comment: *

Name: *

Email: *

Verification: *

A rule-based data loss prevention (DLP) tool has recently been implemented to reduce the risk of sensitive data leakage. Which of the following is MOST likely to change as a result of this implementation?

• A.Risk velocity
• B.Risk impact
• C.Risk likelihood
• D.Risk appetite

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST way to determine whether new controls mitigate security gaps in a business system?

• A.Conduct a compliance check against standards.
• B.Perform a vulnerability assessment.
• C.Measure the change in inherent risk.
• D.Complete an offsite business continuity exercise.

Comment: *

Name: *

Email: *

Verification: *