QUESTION 21
Which of the following is an information security manager’s BEST course of action when monitoring emerging a privacy laws for a global organization?
A. Conduct an internal audit and identify possible countermeasures.
B. Develop and implement a process to adhere to privacy laws.
C. Develop a risk profile and report significant changes in risk.
D. Determine potential financial impacts and request additional budget.
Correct Answer: B
QUESTION 22
Which of the following is the BEST course of action for an information security manager upon detecting a new risk associated with changes in existing controls?
A. Assess the impact of the new risk.
B. Add the new risk to the risk register.
C. Compare the new risk against the organization’s risk appetite.
D. Inform stakeholders of the new risk.
Correct Answer: A
QUESTION 23
Which of the following is the BEST evidence of a mature information security program?
A. Management has approved the information security policy.
B. Security metrics are defined and measured.
C. IT security staff have implemented strict technical security controls.
D. The organization has a security awareness and training program.
Correct Answer: B
QUESTION 24
Which of the following information security metrics is MOST important to the information security strategy?
A. Annualized loss expectancy (ALE)
B. Total count of information security risks
C. Recovery time objective (RTO)
D. Information security personnel headcount
Correct Answer: A
QUESTION 25
Which of the following BEST facilitates accountability and ownership of risk in an organization?
A. Adoption of a risk and control framework
B. Employee awareness and education
C. Appropriate policies and standards
D. Defined operational procedures
Correct Answer: C
QUESTION 26
An organization that has recently suffered a cyberattack is considering engaging law enforcement. Which of the following is the MOST important course of action for the incident response team?
A. Solicit input from senior management.
B. Engage legal counsel.
C. Encrypt digital evidence.
D. Hire a digital forensic expert for evidence analysis.
Correct Answer: B
QUESTION 27
Which of the following is the PRIMARY benefit of using a centralized incident management system rather than a distributed incident management system?
A. Correlation of incident information from different sources
B. Integration with major ticketing systems
C. Automation of incident reporting and alerting mechanisms
D. Centralized storage of incident-related data
Correct Answer: A
QUESTION 28
Which of the following is the GREATEST risk posed to organizations resulting from the malicious use of Al programs by threat actors?
A. Faster evasion within a network
B. More selective targets
C. More convincing phishing emails
D. Al training poisoning
Correct Answer: C
QUESTION 29
An organization has incorporated Al into a risk assessment strategy to identify regulatory risks. Which of the following is the MOST important consideration associated with Al technology in this context?
A. Access permissions to the learning model
B. Ability to identify risk-relevant information
C. Processing of data based on previous risk levels
D. Reliability of the data used to train the learning model
Correct Answer: D
QUESTION 30
What should be the information security managers FIRST step when updating an information security program?
A. Re-evaluate the organization’s business expectations and objectives.
B. Identify program components that do not align with business objectives.
C. Review costs and benchmark them against industry norms.
D. Interview business unit managers and key stakeholders.
Correct Answer: A
QUESTION 31
Which of the following is the MOST effective way to determine the risk of exposure of critical customer-facing server?
A. Review authentication and authorization controls.
B. Test the incident response plan.
C. Conduct regular audits and assessments.
D. Review the network security architecture.
Correct Answer: D
QUESTION 32
Which type of test is MOST effective in communicating the roles of end users to support timely identification and response to information security incidents?
A. Checklist
B. Parallel
C. Walk-through
D. Complete failover
Correct Answer: C
QUESTION 33
Which of the following would BEST enhance employee compliance with security policies?
A. Require employee signed acceptance of policy.
B. Implement a security awareness program.
C. Incorporate security policy into position descriptions.
D. Administer periodic employee security quizzes.
Correct Answer: B
QUESTION 34
In information security governance, which of the following has PRIMARY responsibility for ensuring compliance with regulations?
A. Senior management
B. Control owners
C. Legal counsel
D. Enterprise risk management (ERM)
Correct Answer: A
QUESTION 35
An organization recently activated its disaster recovery plan (DRP) due to a ransomware attack that compromised its primary site. The secondary site was engaged, and essential services were successfully restored within the defined recovery tme objective (RTO). As part of the recovery, which of the following is the MOST important course of action before activating the secondary site?
A. Update the organization’s risk assessment to reflect the lessons learned from the incident.
B. Conduct an investigation to identify the attack source.
C. Validate the integrity of the data and systems.
D. Review and adjust the business impact analysis (BIA) based on the actual impact of the incident.
Correct Answer: C
QUESTION 36
Behavioral analytics tools are used PRIMARILY to manage risks within an organization by:
A. detecting anomalous user activities.
B. establishing security baselines on endpoints.
C. analyzing communications from external users for malware.
D. preventing the exfiltration of sensitive data.
Correct Answer: A
QUESTION 37
An organization experiences a ransomware attack as a result of an employee clicking on a phishing email. Which of the following should be the FIRST step of the incident eradication process?
A. Restore systems in a clean environment.
B. Update antimalware scan definitions.
C. Identify impacted systems.
D. Patch impacted systems.
Correct Answer: C
QUESTION 38
Which of the following BEST indicates the effectiveness of a recent information security awareness campaign delivered across the organization?
A. Increase in the frequency of security incident escalations
B. Increase in the number of reported security incidents
C. Reduction in the impact of security incidents
D. Decrease in the number of security incidents
Correct Answer: B
QUESTION 39
An independent audit of an organization’s network security has identified several critical risks. Which of the following should the information security manager do NEXT?
A. Assign project resources.
B. Reassess the risks.
C. Assign risk ownership.
D. Identify mitigating controls.
Correct Answer: C
QUESTION 40
Which of the following is the GREATEST concern when an organization migrates sensitive systems to a public cloud service?
A. Weak authentication
B. Insufficient data separation
C. Lack of logging capabilities
D. Insufficient user knowledge
Correct Answer: B
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.