What term is used to describe the act of checking out a privileged account password in a manner that bypasses normal access control procedures during a critical emergency situation?
When considering the disposal of confidential data, equipment and storage devices, what social engineering technique SHOULD always be taken into consideration?
Once data has been created in a standard information lifecycle, what step TYPICALLY happens next?
What form of training SHOULD developers be undertaking to understand the security of the code they have written and how it can improve security defence whilst being attacked?
In order to maintain the currency of risk countermeasures, how often SHOULD an organisation review these risks?
Which standards framework offers a set of IT Service Management best practices to assist organisations in aligning IT service delivery with business goals - including security goals?
Which membership-based organisation produces international standards, which cover good practice for information assurance?
What is the PRIMARY reason for organisations obtaining outsourced managed security services?
When securing a wireless network, which of the following is NOT best practice?
When calculating the risk associated with a vulnerability being exploited, how is this risk calculated?
What term refers to the shared set of values within an organisation that determine how people are expected to behave in regard to information security?
When undertaking disaster recovery planning, which of the following would NEVER be considered a "natural" disaster?
What type of attack could directly affect the confidentiality of an unencrypted VoIP network?
Which algorithm is a current specification for the encryption of electronic data established by NIST?
James is working with a software programme that completely obfuscates the entire source code, often in the form of a binary executable, making it difficult to inspect, manipulate or reverse engineer the original source code. What type of software programme is this?
Which of the following is NOT an accepted classification of security controls?
Which term describes a vulnerability that is unknown and therefore has no mitigating control which is immediately and generally available?
Which of the following is a framework and methodology for Enterprise Security Architecture and Service Management?
Which of the following is an accepted strategic option for dealing with risk?
What is the root cause as to why SMS messages are open to attackers and abuse?
Why is it prudent for Third Parties to be contracted to meet specific security standards?
Which term is used to describe the set of processes that analyses code to ensure defined coding practices are being followed?
What form of risk assessment is MOST LIKELY to provide objective support for a security Return on Investment case?
Which of the following is NOT a valid statement to include in an organisation's security policy?
Which of the following is the MOST important reason for undertaking Continual Professional Development (CPD) within the Information Security sphere?