Which of the following reports should you as an IT auditor use to check on compliance with a service level agreement’s requirement for uptime?
Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?
Which of the following is a term related to risk management that represents the estimated frequency at which a threat is expected to transpire?
As the new CISO at the company, you are reviewing the audit reporting process and notice that it includes only detailed technical diagrams. What else should be in the reporting process?
A missing/ineffective security control is identified. Which of the following should be the NEXT step?
The remediation of a specific audit finding is deemed too expensive and will not be implemented. Which of the following is a TRUE statement?
In MOST organizations, which group periodically reviews network intrusion detection system logs for all systems as part of their daily tasks?
When a critical vulnerability has been discovered on production systems and needs to be fixed immediately, what is the BEST approach for a CISO to mitigate the vulnerability under tight budget constraints?
An organization is required to implement background checks on all employees with access to databases containing credit card information. This is considered a security
Which of the following represents the BEST reason for an organization to use the Control Objectives for Information and Related Technology (COBIT) as an Information Technology (IT) framework?
You work as a project manager for the TYU project. You are planning for risk mitigation. You need to quickly identify high-level risks that will need a more in-depth analysis. Which of the following activities will help you in this?
A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO's FIRST priority?
What is a key policy that should be part of the information security plan?
What organizational structure combines the functional and project structures to create a hybrid of the two?
An organization has decided to develop an in-house BCM capability. The organization has determined it is best to follow a BCM standard published by the International Organization for Standardization (ISO).
Which ISO standard is the BEST one to follow, as it outlines the complete lifecycle of BCM?
When obtaining new products and services, why is it essential to collaborate with lawyers, IT security professionals, privacy professionals, security engineers, suppliers, and others?
Making sure that the actions of all employees, applications, and systems follow the organization’s rules and regulations can BEST be described as which of the following?
What is the primary difference between regulations and standards?
Who should be involved in the development of an internal campaign to address email phishing?
Which of the following is the MOST effective method to counter phishing attacks?
When performing a forensic investigation, what are the two MOST common data sources for obtaining evidence from a computer and mobile devices?
From the CISO’s perspective in looking at financial statements, the statement of retained earnings of an organization:
A bastion host should be placed:
As the Risk Manager of an organization, you are tasked with managing vendor risk assessments. During the assessment, you identified that the vendor is engaged with high-profile clients, and bad publicity can jeopardize your own brand.
Which type of risk BEST defines this event?
Which of the following is the MOST logical method of deploying security controls within an organization?
Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18 members, five of whom are assigned to testing. Due to recent recommendations by an organizational quality audit team, the project manager is convinced to add a quality professional to lead the test team at additional cost to the project.
The project manager is aware of the importance of communication for the success of the project and takes the step of introducing additional communication channels, making it more complex, in order to assure quality levels of the project. What will be the first project management document that Smith should change in order to accommodate additional communication channels?
File Integrity Monitoring (FIM) is considered a
Which of the following is true regarding expenditures?
Involvement of senior management is MOST important in the development of:
The rate of change in technology increases the importance of:
Scenario: You are the CISO and have just completed your first risk assessment for your organization. You find many risks with no security controls, and some risks with inadequate controls. You assign work to your staff to create or adjust existing security controls to ensure they are adequate for risk mitigation needs.
You have identified potential solutions for all of your risks that do not have security controls. What is the NEXT step?
Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant, but it is expected to grow to a global customer base of many millions of customers in just a few years.
The organization has already been subject to a significant amount of credit card fraud. Which of the following is the MOST likely reason for this fraud?
Scenario: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO, and a variety of high-, medium- and low-rated gaps were identified.
Which of the following is the FIRST action the CISO will perform after receiving the audit report?
The formal certification and accreditation process has four primary steps. What are they?
If a Virtual Machine’s (VM) data is being replicated and that data is corrupted, this corruption will automatically be replicated to the other machine(s). What would be the BEST control to safeguard data integrity?
John is the project manager for a large project in his organization. A new change request has been proposed that will affect several areas of the project. One area of the project change impact is on work that a vendor has already completed. The vendor is refusing to make the changes as they’ve already completed the project work they were contracted to do. What can John do in this instance?
In terms of supporting a forensic investigation, it is now imperative that managers, first responders, etc., accomplish the following actions on the computer under investigation:
Which wireless encryption technology makes use of temporal keys?
Which of the following is a symmetric encryption algorithm?
One of your executives needs to send an important and confidential email. You want to ensure that the message cannot be read by anyone but the recipient. Which of the following keys should be used to encrypt the message?
The process of identifying and classifying assets is typically included in the
Your incident handling manager detects a virus attack in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the incident handling process will utilize the signature to resolve this incident?
You are having a penetration test done on your company network and the leader of the team says they discovered all the network devices because no one had changed the Simple Network Management Protocol (SNMP) community strings from the defaults. Which of the following is a default community string?
Security related breaches are assessed and contained through which of the following?
The process for identifying, collecting, and producing digital information in support of legal proceedings is called
Which of the following is a countermeasure to prevent unauthorized database access from web applications?
An access point (AP) is discovered using Wired Equivalent Privacy (WEP). The ciphertext sent by the AP is encrypted with the same key and cipher used by its stations. What authentication method is being used?
SQL injection is a very popular and successful injection attack method. Identify the basic SQL injection text:
Who is responsible for securing networks during a security incident?
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy, however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?
Which of the following is a critical operational component of an Incident Response Program (IRP)?
The success of the Chief Information Security Officer is MOST dependent upon:
What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?
The PRIMARY objective for information security program development should be:
What is the main purpose of the Incident Response Team?
When briefing senior management on the creation of a governance process, the MOST important aspect should be:
The Information Security Governance program MUST:
Why is it vitally important that senior management endorse a security policy?
In which of the following cases would an organization be more prone to risk acceptance vs. risk mitigation?
What is the definition of Risk in Information Security?
How often should the Statements of Standards for Attestation Engagements-16 (SSAE16)/International Standard on Assurance Engagements 3402 (ISAE3402) report of your vendors be reviewed?
Which of the following functions evaluates patches used to close software vulnerabilities of new systems to assure compliance with policy when implementing an information security program?
When gathering security requirements for an automated business process improvement program, which of the following is MOST important?
Which business stakeholder is accountable for the integrity of a new information system?
This occurs when the quantity or quality of project deliverables is expanded from the original project plan.
A CISO implements smart cards for credential management, and as a result has reduced costs associated with help desk operations supporting password resets. This demonstrates which of the following principles?
Which of the following is considered a project versus a managed process?