Topic 1: Exam Pool A
Which of the following BEST enables effective information security governance?
A. Security-aware corporate culture
B. Periodic vulnerability assessments
C. Established information security metrics
D. Advanced security technologies
Established information security metrics
An information security manager has determined that the mean time to prioritize
information security incidents has increased to an unacceptable level. Which of the
following processes would BEST enable the information security manager to address this
concern?
A. Vulnerability assessment
B. Forensic analysis
C. Incident response
D. Incident classification
Incident classification
Which of the following is the MAIN objective of a risk management program?
A. Reduce costs associated with incident response.
B. Reduce risk to the maximum extent possible
C. Reduce risk to the level of the organization’s risk appetite
D. Reduce corporate liability for information security incidents
Reduce risk to the level of the organization’s risk appetite
The BEST way to report to the board on the effectiveness of the information security
program is to present:
A. a dashboard illustrating key performance metrics
B. a summary of the most recent audit findings.
C. a report of cost savings from process improvements.
D. peer-group industry benchmarks.
a dashboard illustrating key performance metrics
Which of the following should be the PRIMARY driver for selecting and implementing
appropriate controls to address the risk associated with weak user passwords?
A. The cost of risk mitigation controls
B. The organization’s risk tolerance
C. The organization’s culture
D. Direction from senior management
The cost of risk mitigation controls