QUESTION 162
The BEST time to classify and categorize a cybersecurity incident is just after:
A. confirmation of the incident is documented.
B. the incident response team is notified.
C. incident handling resources are determined.
D. the impact of the incident is determined.
Correct Answer: B
QUESTION 163
Which of the following BEST demonstrates projected return on investment (ROI) for an information security initiative?
A. Detailed mitigation plan
B. Key performance indicators (KPIs)
C. Business impact analysis (BIA)
D. Business case
Correct Answer: D
QUESTION 164
Which of the following BEST indicates senior management support for an information security program?
A. The information security manager establishes a relationship with business line managers.
B. Detailed information security procedures are documented and communicated.
C. Risk assessments are conducted frequently by the information security team.
D. Key performance indicators (KPIs) are defined for the information security program.
Correct Answer: D
QUESTION 165
Which of the following is the MOST effective way to mitigate against credential stuffing attacks within organizations utilizing cloud-based applications?
A. Mandate complex password policies and regular password changes.
B. Implement multi-factor authentication (MFA) across all user accounts.
C. Educate users on the dangers of password reuse and the importance of credential hygiene.
D. Employ cloud access security brokers (CASBs) to extend security policies to cloud applications.
Correct Answer: B
QUESTION 166
Who are the first line of defense against information security breaches?
A. End users
B. Chief technology officers (CTOs)
C. Information security managers
D. Security administrators
Correct Answer: A
QUESTION 167
Which of the following is MOST important to include in an incident response policy?
A. Updated call trees
B. Press release templates
C. Escalation criteria
D. Inventory of critical backup files
Correct Answer: C
QUESTION 168
After detecting an advanced persistent threat (APT), which of the following should be the information security manager’s FIRST step?
A. Remove the threat.
B. Perform a root cause analysis.
C. Conduct a vulnerability analysis.
D. Notify affected stakeholders.
Correct Answer: D
QUESTION 169
Which of the following should be done FIRST to determine the impact of a new regulatory requirement for cloud services?
A. Review the information asset inventory.
B. Conduct a gap analysis.
C. Determine the applicability.
D. Perform a risk assessment.
Correct Answer: C
QUESTION 170
When recommending compensating controls for a system, which of the following is the MOST useful input?
A. Vendor documentation on secure configurations
B. Cost-benefit analysis
C. Management recommendations
D. Risk assessment results
Correct Answer: D
QUESTION 171
Which of the following should be done FIRST upon learning that a successful phishing attack has resulted in a breach of several databases containing sensitive information?
A. Activate the incident response plan.
B. Disable access to the databases.
C. Close off firewall ports.
D. Alert senior management.
Correct Answer: A
QUESTION 172
Who is PRIMARILY responsible for selecting risk responses for assessed risk?
A. Asset owner
B. Risk owner
C. Information security manager
D. Risk practitioner
Correct Answer: B
QUESTION 173
A critical vulnerability has been discovered in a password vault application, and is being exploited across the business. Who should the information security manager notify FIRST?
A. Key business stakeholders
B. Forensic support
C. Incident response team
D. Law enforcement
Correct Answer: C
QUESTION 174
A country where an organization conducts business has made changes to privacy laws. Which of the following is the information security manager’s BEST course of action?
A. Conduct a risk assessment.
B. Update policies and procedures.
C. Inform the legal department.
D. Design new privacy controls.
Correct Answer: A
QUESTION 175
Which of the following is the BEST security control to minimize the risk of successful ransomware attacks?
A. Host intrusion detection system (IDS)
B. Application allow list
C. Web security gateway
D. Application deny list
Correct Answer: B
QUESTION 176
Which of the following should be the starting point for developing an organizational information security strategy?
A. Gap analysis
B. Budget analysis
C. Business impact analysis (BIA)
D. Policy creation
Correct Answer: C
QUESTION 177
Though a recent advanced persistent threat (APT) attack was successfully handled and contained by the information security team, senior management remains concerned, Which of these initiatives will provide the GREATEST assurance?
A. Revise the incident response plan to reduce recovery times from attacks.
B. Engage a forensic team to confirm the attack has been mitigated.
C. Perform a risk assessment to confirm overall risk is within the tolerance limit.
D. Engage an external audit to verify the security posture meets standards.
Correct Answer: C
QUESTION 178
The PRIMARY reason to create a business continuity plan (BCP) is for incident
A. identification and communication.
B. prevention and mitigation.
C. escalation and triaging.
D. reporting and response initiation.
Correct Answer: A
QUESTION 179
Which of the following provides the MOST meaningful information regarding the effectiveness of an ongoing information security program?
A. Key performance indicators (KPIs)
B. Security incident reports
C. Key risk indicators (KRIs)
D. Gap analysis with industry frameworks
Correct Answer: C
QUESTION 180
An information security manager was informed of new application vulnerabilities detected within similar industry organizations. Which of the following is the manager’s BEST course of action?
A. Initiate an external audit
B. Implement compensating controls.
C. Perform a risk assessment.
D. Perform a business impact analysis (BIA).
Correct Answer: C
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.