- Email support@dumps4free.com
Topic 1: Governance (Policy, Legal & Compliance)
Which of the following is used to establish and maintain a framework to provide assurance that information security strategies are aligned with organizational objectives?
A.
Awareness
B.
Compliance
C.
Governance
D.
Management
Governance
Ensuring that the actions of a set of people, applications and systems follow the organization’s rules is BEST described as:
A.
Risk management
B.
Security management
C.
Mitigation management
D.
Compliance management
Compliance management
A security manager regualrly checks work areas after buisness hours for security violations; such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?
A.
Audit validation
B.
Physical control testing
C.
Compliance management
D.
Security awareness training
Compliance management
When choosing a risk mitigation method what is the MOST important factor?
A.
Approval from the board of directors
B.
Cost of the mitigation is less than the risk
C.
Metrics of mitigation method success
D.
Mitigation method complies with PCI regulations
Cost of the mitigation is less than the risk
Which of the following is MOST likely to be discretionary?
A.
Policies
B.
Procedures
C.
Guidelines
D.
Standards
Guidelines
| Page 11 out of 89 Pages |
| Previous |