Which of the following is the primary step in control implementation for a new business application? - correct answer D. Risk assessment
When
... [Show More] implementing an information security program, in which phase of the implementation should metrics be established to assess the effectiveness of the program over time?" - correct answer Either
B. Initiation
C. Design
Data owners are concerned and responsible for who has access to their resources and therefore need to be concerned with the strategy of how to mitigate risk of data resource usage. Which of the following actions facilitates that responsibility? - correct answer B. Entitlement changes
Which of the following is the best method to determine the effectiveness of the incident response process? - correct answer C. Post-incident review
When properly implemented, a risk management program should be designed to reduce an organization's risk to: - correct answer C. A level at which the organization is willing to accept
What controls the process of introducing changes to systems to ensure that unintended changes are not introduced? - correct answer C. Change management
All actions dealing with incidents must be worked with cyclical consideration. What is the primary post-incident review takeaway? - correct answer Either
A. Pursuit of legal action
B. Identify personnel failures
D. Derive ways to improve the response process
If a forensics copy of a hard drive is required for legal matters, which of the following options provide the best solid defense for preservation of evidence? - correct answer C. A bit-by-bit copy of all data
What is the preferred step an ISM should take to ensure the disaster recovery plan is adequate and remains current? - correct answer A. Quarterly reviews of recovery plan information
Which of the following would prove to be the best protection and recovery procedures if an intruder has gained root access to a system? - correct answer Either
A. Use system recovery to restore the last known good image
C. Rebuild the system and its OS and applications using the original vendor media
D. Have all users change passwords
As the increased use of regulation and compliance in the Information Security arena expands, information security managers must work to put tasks into perspective. To do this, ISMs should involve affected organizations and view "regulations" as a? - correct answer Either
A. Risk
B. Legal interpretation
Which of the following is the most significant challenge when developing an incident management plan? - correct answer D. Lack of management and leadership buy-in
Resource allocation is crucial during incident triage as it assists in prioritization and categorization. Why would this be critical for most organizations when conducting triage? - correct answer A. Most organizations have limited incident handling resources
As part of the Risk Management process, assessments must be performed on the information systems and resources of an organization. If there are vulnerabilities disclosed during an assessment, those vulnerabilities should be: - correct answer d. Evaluated and prioritized based on credible threat and impact if exploited and and mitigation cost
A security strategy is important for an organization, and along with the creation of supporting policies. What should the overall planning effort cover? - correct answer Either
A. The logical security architecture for the organization
B. The intent and direction and expectations of management
D. Assist in FISMA audits
What is the most important security objective in creating good procedures to meet the requirements of a relevant policy? - correct answer A. Being comprehensive and unambiguous
Along with attention to detail, what is an additional quality required of an incident handler? - correct answer D. Ability to handle stress
When contracting with an outsourced party to provide security administrators, which is the most important contractual element? - correct answer c. Service Level Agreement (SLA)
To address the ever changing risk and threat, an effective risk management program should: - correct answer A. Ensure the establishment of continuous monitoring processes
When designing an intrusion detection system, where should the information security manager recommend that it be placed? - correct answer C. On a screened subnet
The following statement "risk = value x vulnerability x threat" indicates which of the following: - correct answer c. Risk levels are greater when increased threats meet increased vulnerabilities [Show Less]