- Email support@dumps4free.com
Topic 1: Governance (Policy, Legal & Compliance)
When dealing with Security Incident Response procedures, which of the following steps come FIRST when reacting to an incident?
A.
Escalation
B.
Recovery
C.
Eradication
D.
Containment
Containment
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?
A.
Data breach disclosure
B.
Consumer right disclosure
C.
Security incident disclosure
D.
Special circumstance disclosure
Data breach disclosure
From an information security perspective, information that no longer supports the main purpose of the business should be:
A.
assessed by a business impact analysis.
B.
protected under the information classification policy.
C.
analyzed under the data ownership policy.
D.
analyzed under the retention policy
analyzed under the retention policy
What is the BEST way to achieve on-going compliance monitoring in an organization?
A.
Only check compliance right before the auditors are scheduled to arrive onsite.
B.
Outsource compliance to a 3rd party vendor and let them manage the program.
C.
Have Compliance and Information Security partner to correct issues as they arise.
D.
Have Compliance direct Information Security to fix issues after the auditors report.
Have Compliance and Information Security partner to correct issues as they arise.
The single most important consideration to make when developing your security program, policies, and processes is:
A.
Budgeting for unforeseen data compromises
B.
Streamlining for efficiency
C.
Alignment with the business
D.
Establishing your authority as the Security Executive
Alignment with the business
| Page 12 out of 89 Pages |
| Previous |