Topic 1: Exam Pool A
Which of the following is the MOST important consideration when selecting members for an information security steering committee?
A. Information security expertise
B. Cross-functional composition
C. Tenure in the organization
D. Business expertise
Cross-functional composition
When evaluating vendors for sensitive data processing, which of the following should be the FIRST step to ensure the correct level of information security is provided?
A. Include information security criteria as part of vendor selection
B. Develop metrics for vendor performance
C. Review third-party reports of potential vendors
D. Include information security clauses in the vendor contract
Include information security clauses in the vendor contract
The PRIMARY reason for defining the information security roles and responsibilities of staff throughout an organization is to:
A. comply with security policy.
B. increase corporate accountability
C. enforce individual accountability
D. reinforce the need for training.
enforce individual accountability
A corporate information security program is BEST positioned for success when:
A. the program aligns with industry best practice.
B. senior management supports the program
C. security is thoroughly assessed in the program
D. staff is receptive to the program
senior management supports the program
An information security manager's PRIMARY objective for presenting key risks to the board of directors is to:
A. re-evaluate the risk appetite
B. meet information security compliance requirements.
C. ensure appropriate information security governance.
D. quantify reputational risks
re-evaluate the risk appetite