An organization's security policy is to disable access to USB storage devices on laptops and desktops. Which of the following is the STRONGEST justification for granting an exception to the policy?
A multinational organization is required to follow governmental regulations with different security requirements at each of its operating locations. The chief information security officer (CISO) should be MOST concerned with:
Which of the following should an information security manager do FIRST upon learning that some security hardening settings may negatively impact future business activity?
Which of the following is the BEST approach to reduce unnecessary duplication of compliance activities?
Which of the following is the MOST important reason to ensure information security is aligned with the organization's strategy?
Which of the following is the MOST important requirement for a successful security program?
Which of the following change management procedures is MOST likely to cause concern to the information security manager?
Which of the following is MOST important to consider when determining asset valuation?
An information security team has discovered that users are sharing a login account to an application with sensitive information, in violation of the access policy. Business management indicates that the practice creates operational efficiencies. What is the information security manager's BEST course of action?
Which of the following is MOST critical when creating an incident response plan?
Threat and vulnerability assessments are important PRIMARILY because they are:
An anomaly-based intrusion detection system (IDS) operates by gathering data on:
Which of the following BEST enables an organization to transform its culture to support information security?
Which of the following is the BEST indicator of an organization's information security status?
An organization has acquired a company in a foreign country to gain an advantage in a new market. Which of the following is the FIRST step the information security manager should take?
Which of the following is the MOST important detail to capture in an organization's risk register?
An incident management team is alerted to a suspected security event. Before classifying the suspected event as a security incident, it is MOST important for the security manager to:
How does an incident response team BEST leverage the results of a business impact analysis (BIA)?
An organization is creating a risk mitigation plan that considers redundant power supplies to reduce the business risk associated with critical system outages. Which type of control is being considered?
Reverse lookups can be used to prevent successful:
To overcome the perception that security is a hindrance to business activities, it is important for an information security manager to:
Which of the following is the PRIMARY objective of incident triage?
Which of the following is the GREATEST benefit of conducting an organization-wide security awareness program?
The MOST appropriate time to conduct a disaster recovery test would be after:
Which of the following roles is BEST able to influence the security culture within an organization?
Which of the following BEST indicates that information assets are classified accurately?
Which of the following is an example of risk mitigation?
Which of the following BEST indicates that information security governance and corporate governance are integrated?
Which of the following is the BEST method to protect against emerging advanced persistent threat (APT) actors?
The effectiveness of an information security governance framework will BEST be enhanced if:
Which of the following would BEST justify continued investment in an information security program?
A risk owner has accepted a large amount of risk due to the high cost of controls. Which of the following should be the information security manager's PRIMARY focus in this situation?
An information security manager is assisting in the development of the request for proposal (RFP) for a new outsourced service. This will require the third party to have access to critical business information. The security manager should focus PRIMARILY on defining:
Reevaluation of risk is MOST critical when there is:
The MOST important element in achieving executive commitment to an information security governance program is:
Which of the following is the MOST critical factor for information security program success?
The PRIMARY advantage of involving end users in continuity planning is that they:
Which of the following has the MOST influence on the inherent risk of an information asset?
Which of the following is MOST helpful for determining which information security policies should be implemented by an organization?
An online bank identifies a successful network attack in progress. The bank should FIRST:
A risk assessment exercise has identified the threat of a denial of service (DoS) attack. Executive management has decided to take no further action related to this risk. The MOST likely reason for this decision is:
The PRIMARY objective of a post-incident review of an information security incident is to:
A critical server for a hospital has been encrypted by ransomware. The hospital is unable to function effectively without this server. Which of the following would MOST effectively allow the hospital to avoid paying the ransom?
Which of the following tasks should be performed once a disaster recovery plan (DRP) has been developed?
Which of the following BEST ensures timely and reliable access to services?
Which of the following is the PRIMARY objective of a business impact analysis (BIA)?
Which of the following is the MOST effective way to help staff members understand their responsibilities for information security?
Which of the following should be the PRIMARY objective of an information security governance framework?