Which of the following strategies provides the BEST response to a ransomware attack?
While designing a secondary data center for your company, which document needs to be analyzed to determine how much should be spent on building the data center?
You are having a penetration test done on your company network and the leader of the team says they discovered all the network devices because no one had changed the Simple Network Management Protocol (SNMP) community strings from the defaults. Which of the following is a default community string?
An access point (AP) is discovered using Wireless Equivalent Protocol (WEP). The ciphertext sent by the AP is encrypted with the same key and cipher used by its stations. What authentication method is being used?
Which of the following is a countermeasure to prevent unauthorized database access from web applications?
In terms of supporting a forensic investigation, it is now imperative that managers, first-responders, etc., accomplish the following actions to the computer under investigation:
Which of the following statements about Encapsulating Security Payload (ESP) is true?
Which of the following reports should you as an IT auditor use to check on compliance with a service level agreement’s requirement for uptime?
An audit was conducted and many critical applications were found to have no disaster recovery plans in place. You conduct a Business Impact Analysis (BIA) to determine impact to the company for each application. What should be the NEXT step?
An organization has implemented a change management process for all changes to the IT production environment. This change management process follows best practices and is expected to help stabilize the availability and integrity of the organization’s IT environment. Which of the following can be used to measure the effectiveness of this newly implemented process:
Which of the following are necessary to formulate responses to external audit findings?
Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture. What would be the BEST choice of security metrics to present to the BOD?
Which of the following BEST describes an international standard framework that is based on the security model Information Technology—Code of Practice for Information Security Management?
Which of the following is a benefit of a risk-based approach to audit planning?
At which point should the identity access management team be notified of the termination of an employee?
Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?
The mean time to patch, number of virus outbreaks prevented, and number of vulnerabilities mitigated are examples of what type of performance metrics?
What is the BEST way to achieve on-going compliance monitoring in an organization?
Which of the following is a critical operational component of an Incident Response Program (IRP)?
A global health insurance company is concerned about protecting confidential information. Which of the following is of MOST concern to this organization?
A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program. Which of the following qualifications and experience would be MOST desirable to find in a candidate?
Quantitative Risk Assessments have the following advantages over qualitative risk assessments:
When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?
Risk appetite directly affects what part of a vulnerability management program?
Which of the following are the MOST important factors for proactively determining system vulnerabilities?
When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?
A global retail company is creating a new compliance management process. Which of the following regulations is of MOST importance to be tracked and managed by this process?
As the Risk Manager of an organization, you are tasked with managing vendor risk assessments. During the assessment, you identified that the vendor is engaged with high-profile clients, and bad publicity can jeopardize your own brand. Which is the BEST type of risk that defines this event?
The organization does not have the time to remediate the vulnerability; however, it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?
Which of the following is critical in creating a security program aligned with an organization’s goals?
A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat. This is an example of:
A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?
An organization has a stated requirement to block certain traffic on networks. The implementation of controls will disrupt a manufacturing process and cause unacceptable delays, resulting in severe revenue disruptions. Which of the following is MOST likely to be responsible for accepting the risk until mitigating controls can be implemented?
You are the CISO of a commercial social media organization. The leadership wants to rapidly create new methods of sharing customer data through creative linkages with mobile devices. You have voiced concern about privacy regulations but the velocity of the business is given priority. Which of the following BEST describes this organization?
A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software are implemented and managed within the organization. Which of the following principles does this best demonstrate?
Which of the following is considered one of the most frequent failures in project management?
A system was hardened at the Operating System level and placed into the production environment. Months later an audit was performed and identified an insecure configuration that differed from the original hardened state. Which of the following security issues is the MOST likely reason for the audit findings?
A recommended method to document the respective roles of groups and individuals for a given process is to:
Which of the following is the MOST important component of any change management process?
If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of business, they just have to find a job opening, prepare someone to pass the interview, have that person hired, and they will be in the organization. How would you prevent such type of attacks?
Which of the following conditions would be the MOST probable reason for a security project to be rejected by the executive board of an organization?
Which regulation or policy governs protection of personally identifiable user data gathered during a cyber investigation?
Which technology can provide a computing environment without requiring a dedicated hardware backend?
Michael starts a new job and discovers that he has unnecessary access to a variety of systems. Which of the following best describes the problem he has encountered?
Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda. Which of the following is the reason the CISO has not been able to advance the security agenda in this organization?
The Annualized Loss Expectancy (Before) minus Annualized Loss Expectancy (After) minus Annual Safeguard Cost is the formula for determining:
Which of the following terms is used to describe countermeasures implemented to minimize risks to physical property, information, and computing systems?