Which of the following is a term related to risk management that represents the estimated frequency at which a threat is expected to transpire?
The MOST common method to get an unbiased measurement of the effectiveness of an Information Security Management System (ISMS) is to
Which of the following is a fundamental component of an audit record?
Which of the following activities must be completed BEFORE you can calculate risk?
As the new CISO at the company you are reviewing the audit reporting process and notice that it includes only detailed technical diagrams. What else should be in the reporting process?
How often should an environment be monitored for cyber threats, risks, and exposures?
Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?
The implementation of anti-malware and anti-phishing controls on centralized email servers is an example of what type of security control?
The mean time to patch, number of virus outbreaks prevented, and number of vulnerabilities mitigated are examples of what type of performance metrics?
Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?
A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO's FIRST priority?
An information security department is required to remediate system vulnerabilities when they are discovered. Please select the three primary remediation methods that can be used on an affected system.
An organization's information security policy serves to
Payment Card Industry (PCI) compliance requirements are based on what criteria?
Credit card information, medical data, and government records are all examples of:
Which of the following is considered the MOST effective tool against social engineering?
A method to transfer risk is to:
When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?
The success of the Chief Information Security Officer is MOST dependent upon:
Who in the organization determines access to information?
Which of the following is a critical operational component of an Incident Response Program (IRP)?
A security manager regularly checks work areas after business hours for security violations, such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?
A global retail company is creating a new compliance management process. Which of the following regulations is of MOST importance to be tracked and managed by this process?
Which of the following represents the HIGHEST negative impact resulting from an ineffective security governance program?
What type of attack requires the least amount of technical equipment and has the highest success rate?
While designing a secondary data center for your company, what document needs to be analyzed to determine how much should be spent on building the data center?
Which of the following backup sites takes the longest recovery time?
Which wireless encryption technology makes use of temporal keys?
An anonymity network is a series of?
Physical security measures typically include which of the following components?
Which of the following statements about Encapsulating Security Payload (ESP) is true?
Which of the following is a symmetric encryption algorithm?
Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network. Which is the single most important factor to introducing digital evidence into a court of law?
Which of the following is the MAIN security concern for public cloud computing?
In terms of supporting a forensic investigation, it is now imperative that managers, first-responders, etc., accomplish the following actions to the computer under investigation:
The process of identifying and classifying assets is typically included in the
When obtaining new products and services, why is it essential to collaborate with lawyers, IT security professionals, privacy professionals, security engineers, suppliers, and others?
What does RACI stand for?
A bastion host should be placed:
What is a key policy that should be part of the information security plan?
During a cyber incident, which non-security personnel might be needed to assist the security team?
What is a Statement of Objectives (SOA)?
In defining a strategic security plan for an organization, what should a CISO first analyze?
When reviewing a Solution as a Service (SaaS) provider’s security health and posture, which key document should you review?
What is the primary difference between regulations and standards?
When managing a project, the MOST important activity in managing the expectations of stakeholders is:
Which of the following statements below regarding Key Performance indicators (KPIs) are true?
A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy.
What is the MOST effective method of risk analysis to provide the CFO with the information required?
Which type of physical security control scans a person’s external features through a digital video camera before granting access to a restricted area?
When analyzing and forecasting a capital expense budget, what are not included?
As the CISO you need to write the IT security strategic plan. Which of the following is the MOST important to review before you start writing the plan?
When updating the security strategic planning document what two items must be included?
Which of the following is MOST useful when developing a business case for security initiatives?
Which of the following is a primary method of applying consistent configurations to IT systems?
A system is designed to dynamically block offending Internet IP-addresses from requesting services from a secure website. This type of control is considered
What is the difference between encryption and tokenization?
Which of the following is the MOST effective method for discovering common technical vulnerabilities within the IT environment?
The newly appointed CISO of an organization is reviewing the IT security strategic plan. Which of the following is the MOST important component of the strategic plan?
Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
The organization wants a more permanent solution to the threat to user credential compromise through phishing. What technical solution would BEST address this issue?
Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.
How can you reduce the administrative burden of distributing symmetric keys for your employer?
A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?
When operating under severe budget constraints, a CISO will have to be creative to maintain a strong security organization. Which example below is the MOST creative way to maintain a strong security posture during these difficult times?
The security team has investigated the theft/loss of several unencrypted laptop computers containing sensitive corporate information. To prevent the loss of any additional corporate data, it is unilaterally decided by the CISO that all existing and future laptop computers will be encrypted. Soon, the help desk is flooded with complaints about the slow performance of the laptops and users are upset. What did the CISO do wrong? (choose the BEST answer):
An international organization is planning a project to implement encryption technologies to protect company confidential information. This organization has data centers on three continents. Which of the following would be considered a MAJOR constraint for the project?
A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software are implemented and managed within the organization. Which of the following principles does this best demonstrate?
Which of the following represents the best method of ensuring business unit alignment with security program requirements?
When entering into a third-party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?