Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?
The patching and monitoring of systems on a consistent schedule is required by?
The BEST organization to provide a comprehensive, independent and certifiable perspective on established security controls in an environment is
Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture. What would be the BEST choice of security metrics to present to the BOD?
Which of the following activities must be completed BEFORE you can calculate risk?
The implementation of anti-malware and anti-phishing controls on centralized email servers is an example of what type of security control?
When entering into a third party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?
An organization has decided to develop an in-house BCM capability. The organization has determined it is best to follow a BCM standard published by the International Organization for Standardization (ISO).
The BEST ISO standard to follow that outlines the complete lifecycle of BCM is?
A recommended method to document the respective roles of groups and individuals for a given process is to:
A CISO implements smart cards for credential management, and as a result has reduced costs associated with help desk operations supporting password resets. This demonstrates which of the following principles?
A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?
The Board of Directors of a publicly-traded company is concerned about the security implications of a strategic project that will migrate 50% of the organization’s information technology assets to the cloud. They have requested a briefing on the project plan and a progress report of the security stream of the project. As the CISO, you have been tasked with preparing the report for the Chief Executive Officer to present.
Using the Earned Value Management (EVM), what does a Cost Variance (CV) of -1,200 mean?
What organizational structure combines the functional and project structures to create a hybrid of the two?
A CISO has recently joined an organization with a poorly implemented security program. The desire is to base the security program on a risk management approach. Which of the following is a foundational requirement in order to initiate this type of program?
Which of the following strategies provides the BEST response to a ransomware attack?
Information Security is often considered an excessive, after-the-fact cost when a project or initiative is completed. What can be done to ensure that security is addressed cost effectively?
Which of the following is the MOST effective method to counter phishing attacks?
Which of the following best summarizes the primary goal of a security program?
A large number of accounts in a hardened system were suddenly compromised to an external party. Which of the following is the MOST probable threat actor involved in this incident?
As the CISO you need to write the IT security strategic plan. Which of the following is the MOST important to review before you start writing the plan?
At what level of governance are individual projects monitored and managed?
SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
The CISO has validated audit findings, determined if compensating controls exist, and started initial remediation planning. Which of the following is the MOST logical next step?
A system is designed to dynamically block offending Internet IP-addresses from requesting services from a secure website. This type of control is considered
Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18 members, 5 of which are assigned to testing. Due to recent recommendations by an organizational quality audit team, the project manager is convinced to add a quality professional to lead the test team at additional cost to the project.
The project manager is aware of the importance of communication for the success of the project and takes the step of introducing additional communication channels, making it more complex, in order to assure quality levels of the project. What will be the first project management document that Smith should change in order to accommodate additional communication channels?
Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.
What action should you take FIRST?
What is one key difference between Capital expenditures and Operating expenditures?
Scenario: The new CISO was informed of all the Information Security projects that the section has in progress. Two projects are over a year behind schedule and way over budget.
Which of the following will be most helpful for getting an Information Security project that is behind schedule back on schedule?
The ability to demand the implementation and management of security controls on third parties providing services to an organization is
The framework that helps to define a minimum standard of protection that business stakeholders must attempt to achieve is referred to as a standard of:
A global retail company is creating a new compliance management process. Which of the following regulations is of MOST importance to be tracked and managed by this process?
Credit card information, medical data, and government records are all examples of:
When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?
A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization’s need?
SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
Which of the following is the FIRST action the CISO will perform after receiving the audit report?
When deploying an Intrusion Prevention System (IPS) the BEST way to get maximum protection from the system is to deploy it
An organization has defined a set of standard security controls. This organization has also defined the circumstances and conditions in which they must be applied. What is the NEXT logical step in applying the controls in the organization?
According to ISO 27001, of the steps for establishing an Information Security Governance program listed below, which comes first?
Physical security measures typically include which of the following components?
Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?
One of your executives needs to send an important and confidential email. You want to ensure that the message cannot be read by anyone but the recipient. Which of the following keys should be used to encrypt the message?
In terms of supporting a forensic investigation, it is now imperative that managers, first-responders, etc., accomplish the following actions to the computer under investigation:
While designing a secondary data center for your company, what document needs to be analyzed to determine how much should be spent on building the data center?
Your penetration testing team installs an in-line hardware key logger onto one of your network machines. Which of the following is of major concern to the security organization?
What type of attack requires the least amount of technical equipment and has the highest success rate?
Which of the following is a countermeasure to prevent unauthorized database access from web applications?
The process of identifying and classifying assets is typically included in the
An access point (AP) is discovered using Wireless Equivalent Protocol (WEP). The ciphertext sent by the AP is encrypted with the same key and cipher used by its stations. What authentication method is being used?
The ability to hold intruders accountable in a court of law is important. Which of the following activities are needed to ensure the highest possibility for successful prosecution?
What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?
Which of the following Intellectual Property components is focused on maintaining brand recognition?
A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO's FIRST priority?
Which of the following BEST describes an international standard framework that is based on the security model Information Technology—Code of Practice for Information Security Management?
An organization has implemented a change management process for all changes to the IT production environment. This change management process follows best practices and is expected to help stabilize the availability and integrity of the organization’s IT environment. Which of the following can be used to measure the effectiveness of this newly implemented process:
A CISO sees abnormally high volumes of exceptions to security requirements and constant pressure from business units to change security processes. Which of the following represents the MOST LIKELY cause of this situation?
An application vulnerability assessment has identified a security flaw in an application. This is a flaw that was previously identified and remediated on a prior release of the application. Which of the following is MOST likely the reason for this recurring issue?
A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat. This is an example of: