Topic 1: Exam Pool A
Which of the following is the PRIMARY responsibility of an information security governance committee?
A. Reviewing monthly information security metrics
B. Reviewing the information security risk register
C. Discussing upcoming information security projects
D. Approving changes to the information security strategy
Answer: D. Approving changes to the information security strategy
Which of the following BEST demonstrates that an anti-phishing campaign is effective?
A. Improved feedback on the anti-phishing campaign
B. Decreased number of incidents that have occurred
C. Improved staff attendance in awareness sessions
D. Decreased number of phishing emails received
Answer: B. Decreased number of incidents that have occurred
When establishing metrics for an information security program, the BEST approach is to identify indicators that:
A. demonstrate the effectiveness of the security program
B. reduce information security program spending
C. reflect the corporate risk culture
D. support major information security initiatives
Answer: A. demonstrate the effectiveness of the security program
Which of the following components of an information security risk assessment is MOST valuable to senior management?
A. Return on investment (ROI)
B. Mitigation actions
C. Residual risk
D. Threat profile
Answer: C. Residual risk
Which of the following is the BEST way to evaluate the impact of threat events on an organization's IT operations?
A. Controls review
B. Penetration testing
C. Risk assessment
D. Scenario analysis
Answer: B. Penetration testing