
Venom #2

Title of test:
Venom #2

Description:
CISM practice tests

Creation Date: 2026/03/10

Category: Others

Number of questions: 58

Content:

Which of the following is the BEST way to ensure that organizational security policies comply with data security regulatory requirements?
- Obtain annual sign-off from executive management.
- Align the policies to the most stringent global regulations.
- Send the policies to stakeholders for review.
- Outsource compliance activities.

Deciding the level of protection a particular asset should be given is BEST determined by:
- the corporate risk appetite.
- a risk analysis.
- a threat assessment.
- a vulnerability assessment.

What should be an information security manager's FIRST step when developing a business case for a new intrusion detection system (IDS) solution?
- Calculate the total cost of ownership (TCO).
- Define the issues to be addressed.
- Perform a cost-benefit analysis.
- Conduct a feasibility study.

An information security team plans to increase password complexity requirements for a customer-facing site, but there are concerns it will negatively impact the user experience. Which of the following is the information security manager's BEST course of action?
- Evaluate business compensating controls.
- Quantify the security risk to the business.
- Assess business impact against security risk.
- Conduct industry benchmarking.

Which of the following BEST determines what information should be shared with different entities during incident response?
- Escalation procedures.
- Communication plan.
- Disaster recovery policy.
- Business continuity plan (BCP).

For an organization that provides web-based services, which of the following security events would MOST likely initiate an incident response plan and be escalated to management?
- Anti-malware alerts on several employees' workstations.
- Several port scans of the web server.
- Multiple failed login attempts on an employee's workstation.
- Suspicious network traffic originating from the demilitarized zone (DMZ).

Which of the following is MOST important for an information security manager to consider when identifying information security resource requirements?
- Availability of potential resources.
- Information security incidents.
- Current resourcing levels.
- Information security strategy.

A large organization is in the process of developing its information security program that involves working with several complex organizational functions. Which of the following will BEST enable the successful implementation of this program?
- Security governance.
- Security policy.
- Security metrics.
- Security guidelines.

Which of the following is the PRIMARY purpose of establishing an information security governance framework?
- To proactively address security objectives.
- To reduce security audit issues.
- To enhance business continuity planning.
- To minimize security risks.

Which of the following BEST indicates an effective vulnerability management program?
- Security incidents are reported in a timely manner.
- Threats are identified accurately.
- Controls are managed proactively.
- Risks are managed within acceptable limits.

Which of the following is the MOST effective way to mitigate the risk of confidential data leakage to unauthorized stakeholders?
- Create a data classification policy.
- Implement role-based access controls.
- Require the use of login credentials and passwords.
- Conduct information security awareness training.

Which of the following external entities would provide the BEST guidance to an organization facing advanced attacks?
- Incident response experts from highly regarded peer organizations.
- Open-source reconnaissance.
- Recognized threat intelligence communities.
- Disaster recovery consultants widely endorsed in industry forums.

Which of the following is PRIMARILY influenced by a business impact analysis (BIA)?
- Recovery strategy.
- Risk mitigation strategy.
- Security strategy.
- IT strategy.

The MAIN purpose of documenting information security guidelines for use within a large, international organization is to:
- explain the organization's preferred practices for security.
- ensure that all business units have the same strategic security goals.
- ensure that all business units implement identical security procedures.
- provide evidence for auditors that security practices are adequate.

Which of the following is an information security manager's BEST course of action upon discovering an organization with budget constraints lacks several important security capabilities?
- Suggest the deployment of open-source security tools to mitigate identified risks.
- Establish a business case to demonstrate return on investment (ROI) of a security tool.
- Recommend that the organization avoid the most severe risks.
- Review the most recent audit report and request funding to address the most serious finding.

The BEST way to report to the board on the effectiveness of the information security program is to present:
- a summary of the most recent audit findings.
- a report of cost savings from process improvements.
- peer-group industry benchmarks.
- a dashboard illustrating key performance metrics.

An organization's outsourced firewall was poorly configured and allowed unauthorized access that resulted in downtime of 48 hours. Which of the following should be the information security manager's NEXT course of action?
- Reconfigure the firewall in accordance with best practices.
- Obtain supporting evidence that the problem has been corrected.
- Seek damages from the service provider.
- Revisit the contract and improve accountability of the service provider.

Which is the MOST important requirement when establishing a process for responding to zero-day vulnerabilities?
- The IT team updates antivirus signatures on user systems.
- The IT team implements an emergency patch deployment process.
- Business users stop using the impacted application until a patch is released.
- The information security team implements recommended workarounds.

Which of the following should be the MOST important consideration when prioritizing risk remediation?
- Evaluation of risk.
- Duration of exposure.
- Comparison to risk appetite.
- Impact of compliance.

An information security manager's PRIMARY objective for presenting key risks to the board of directors is to:
- ensure appropriate information security governance.
- quantify reputational risks.
- meet information security compliance requirements.
- re-evaluate the risk appetite.

Which of the following is the BEST way to strengthen the alignment of an information security program with business strategy?
- Establishing an information security steering committee.
- Increasing the frequency of control assessments.
- Providing organizational training on information security policies.
- Increasing budget for risk assessments.

What is the PRIMARY responsibility of the security steering committee?
- Implement information security control.
- Develop information security policy.
- Set direction and monitor performance.
- Provide information security training to employees.

An information security manager is assisting in the development of the request for proposal (RFP) for a new outsourced service. This will require the third party to have access to critical business information. The security manager should focus PRIMARILY on defining:
- security requirements for the process being outsourced.
- risk-reporting methodologies.
- service level agreements (SLAs).
- security metrics.

Following a risk assessment, new countermeasures have been approved by management. Which of the following should be performed NEXT?
- Schedule the target end date for implementation activities.
- Develop an implementation strategy.
- Budget the total cost of implementation activities.
- Calculate the cost for each countermeasure.

Which of the following is the MOST beneficial outcome of testing an incident response plan?
- The response includes escalation to senior management.
- Test plan results are documented.
- Incident response time is improved.
- The plan is enhanced to reflect the findings of the test.

Which of the following would BEST help to ensure an organization's security program is aligned with business objectives?
- The organization's board of directors includes a dedicated information security advisor.
- The security strategy is reviewed and approved by the organization's steering committee.
- Security policies are reviewed and approved by the chief information officer (CIO).
- Business leaders receive annual information security awareness training.

When defining and communicating roles and responsibilities between an organization and cloud service provider, which of the following situations would present the GREATEST risk to the organization's ability to ensure information risk is managed appropriately?
- The service agreement uses a custom-developed RACI instead of an industry standard RACI to document responsibilities.
- The organization believes the provider accepted responsibility for issues affecting security that the provider did not accept.
- The organization and provider identified multiple information security responsibilities that neither party was planning to provide.
- The service agreement results in unnecessary duplication of effort because shared responsibilities have not been clearly defined.

An executive's personal mobile device used for business purposes is reported lost. The information security manager should respond based on:
- the acceptable use policy.
- asset management guidelines.
- the business impact analysis (BIA).
- incident classification.

For an organization that is experiencing outages due to malicious code, which of the following is the BEST index of the effectiveness of countermeasures?
- Number of virus infections detected.
- Average recovery time per incident.
- Amount of infection-related downtime.
- Number of downtime-related help desk calls.

Which of the following is the PRIMARY responsibility of an information security governance committee?
- Reviewing the information security risk register.
- Approving changes to the information security strategy.
- Discussing upcoming information security projects.
- Reviewing monthly information security metrics.

The MOST important information for influencing management's support of information security is:
- a report of a successful attack on a competitor.
- a demonstration of alignment with the business strategy.
- an identification of the overall threat landscape.
- an identification of organizational risks.

What is the BEST way for an information security manager to ensure critical assets are prioritized in a new information security program?
- Update operating procedures to include new requirements.
- Conduct security awareness training.
- Conduct an inventory of information assets.
- Backup information assets and store them offsite.

The MAIN purpose of documenting information security guidelines for use within a large, international organization is to:
- explain the organization's preferred practices for security.
- ensure that all business units have the same strategic security goals.
- ensure that all business units implement identical security procedures.
- provide evidence for auditors that security practices are adequate.

Which of the following is the BEST method for determining whether a firewall has been configured to provide a comprehensive perimeter defense?
- A port scan of the firewall from an internal source.
- A simulated denial of service (DoS) attack against the firewall.
- A validation of the current firewall rule set.
- A ping test from an external source.

An organization recently activated its business continuity plan (BCP). All employees were notified during the event, but some did not fully follow the communications plan. What is the BEST way to prevent a recurrence?
- Perform tabletop testing with appropriate employees.
- Reprimand employees for not following the plan.
- Enhance external communication instructions in the BCP.
- Incorporate BCP communication expectations in job descriptions.

What should an information security manager do FIRST to establish a roadmap for security investments?
- Perform cost-benefit analyses of the investments.
- Gain a thorough understanding of the organization's operating processes.
- Establish business cases for proposed security investments.
- Ensure investments are strategically aligned with business objectives.

After the occurrence of a major information security incident, which of the following will BEST help an information security manager determine corrective actions?
- Preserving the evidence.
- Performing an impact analysis.
- Calculating cost of the incident.
- Conducting a postmortem assessment.

Which of the following is the MOST important consideration when defining security configuration baselines?
- The baselines address applicable regulatory standards.
- The baselines are proportionate to risk.
- The baselines address known system vulnerabilities.
- The baselines align with lines of business.

Recommendations for enterprise investment in security technology should be PRIMARILY based on:
- availability of financial resources.
- alignment with business needs.
- the organization's risk tolerance.
- adherence to international standards.

Using which of the following metrics will BEST help to determine the resiliency of IT infrastructure security controls?
- Percentage of outstanding high-risk audit issues.
- Number of incidents resulting in disruptions.
- Number of successful disaster recovery tests.
- Frequency of updates to system software.

Which of the following is MOST important when designing an information security governance framework?
- Assessing the availability of information security resources.
- Assessing the current state of information security.
- Aligning with the information security strategy.
- Aligning with industry best practice frameworks.

An organization has just updated its backup capability to a new cloud-based solution. Which of the following tests will MOST effectively verify this change is working as intended?
- Simulation testing.
- Tabletop testing.
- Parallel testing.
- Black box testing.

Which of the following is MOST useful to display on a dashboard to demonstrate security performance?
- Number of hours spent per vulnerability remediated.
- Number of vulnerabilities detected over time.
- Severity of currently unremediated vulnerabilities.
- Average time to identify vulnerabilities.

Which of the following should be done FIRST when establishing an information security governance framework?
- Gain an understanding of the business and cultural attributes.
- Contract a third party to conduct an independent review of the program.
- Conduct a cost-benefit analysis of the framework.
- Evaluate information security tools and skills relevant for the environment.

A recovery point objective (RPO) is required in which of the following?
- Business continuity plan (BCP).
- Information security plan.
- Incident response plan.
- Disaster recovery plan (DRP).

Which of the following BEST indicates the effectiveness of a recent information security awareness campaign delivered across the organization?
- Increase in the frequency of security incident escalations.
- Reduction in the impact of security incidents.
- Decrease in the number of security incidents.
- Increase in the number of reported security incidents.

Which of the following BEST supports investments in an information security program?
- Business impact analysis (BIA).
- Risk assessment results.
- Gap analysis results.
- Business cases.

Which of the following is the PRIMARY objective of integrating information security governance into corporate governance?
- To align security goals with the information security program.
- To ensure the business supports information security goals.
- To adequately safeguard the business in achieving its mission.
- To obtain management commitment for sustaining the security program.

Which of the following principles BEST addresses the protection of data from unauthorized modification?
- Nonrepudiation.
- Integrity.
- Availability.
- Authenticity.

Which of the following business units should own the data that populates an identity management system?
- Legal.
- Human resources (HR).
- Information security.
- Information technology.

Which of the following is MOST important when developing an information security governance framework?
- Ensuring alignment with the organization's risk management framework.
- Integrating security within the system development life cycle (SDLC) process.
- Developing policies and procedures to support the framework.
- Developing security incident response measures.

Which of the following is the MOST relevant control to address the integrity of information?
- Implementation of a redundant server system.
- Encryption of email.
- Implementation of an Internet security application.
- Assignment of appropriate access permissions.

An organization has acquired a new system with strict maintenance instructions and schedules. Where should this information be documented?
- Standards.
- Procedures.
- Guidelines.
- Policies.

An organization provides notebook PCs, cable wire locks, smartphone access, and virtual private network (VPN) access to its remote employees. Which of the following is MOST important for the information security manager to ensure?
- Employees are trained on the acceptable use policy.
- Employees use smartphone tethering when accessing from remote locations.
- Employees use the VPN when accessing the organization's online resources.
- Employees physically lock PCs when leaving the immediate area.

An information security team has confirmed that threat actors are taking advantage of a newly announced critical vulnerability within an application. Which of the following should be done FIRST?
- Notify senior management.
- Prevent access to the application.
- Invoke the incident response plan.
- Install additional application controls.

Who should decide whether a specific control should be changed once risk is approved for mitigation?
- Risk owner.
- Data owner.
- Control owner.
- Process owner.

Which of the following components of the risk assessment process should be reviewed FIRST to gain an understanding of the scope of an emerging risk within an organization?
- Risk categorization.
- Asset identification.
- Control evaluation.
- Risk treatment.

Which of the following BEST enables an incident response team to determine appropriate actions during an initial investigation?
- Technical capabilities of the team.
- Feedback from affected departments.
- Historical data from past incidents.
- Procedures for incident triage.
