getcertified4sure.com

What Real 712-50 Latest Exam Is




Our pass rate is as high as 98.9%, and the similarity between our 712-50 study guide and the real exam is 90%, based on our seven years of educating experience. Do you want to pass the EC-Council 712-50 exam in just one try? I am currently studying for the EC-Council 712-50 exam. Latest EC-Council 712-50 exam practice questions and answers; try the EC-Council 712-50 brain dumps first.

Check 712-50 free dumps before getting the full version:

NEW QUESTION 1

Which of the following is the MOST important component of any change management process?

  • A. Scheduling
  • B. Back-out procedures
  • C. Outage planning
  • D. Management approval

Answer: D

NEW QUESTION 2

Which of the following are primary concerns for management with regard to assessing internal control objectives?

  • A. Confidentiality, Availability, Integrity
  • B. Compliance, Effectiveness, Efficiency
  • C. Communication, Reliability, Cost
  • D. Confidentiality, Compliance, Cost

Answer: B

NEW QUESTION 3

The Information Security Management program MUST protect:

  • A. all organizational assets
  • B. critical business processes and/or revenue streams
  • C. intellectual property released into the public domain
  • D. against distributed denial of service attacks

Answer: B

NEW QUESTION 4

As a CISO you need to understand the steps that are used to perform an attack against a network. Put each step into the correct order.
1. Covering tracks
2. Scanning and enumeration
3. Maintaining Access
4. Reconnaissance
5. Gaining Access

  • A. 4, 2, 5, 3, 1
  • B. 2, 5, 3, 1, 4
  • C. 4, 5, 2, 3, 1
  • D. 4, 3, 5, 2, 1

Answer: A

NEW QUESTION 5

A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software are implemented and managed within the organization. Which of the following principles does this best demonstrate?

  • A. Alignment with the business
  • B. Effective use of existing technologies
  • C. Leveraging existing implementations
  • D. Proper budget management

Answer: A

NEW QUESTION 6

An organization has defined a set of standard security controls. This organization has also defined the circumstances and conditions in which they must be applied. What is the NEXT logical step in applying the controls in the organization?

  • A. Determine the risk tolerance
  • B. Perform an asset classification
  • C. Create an architecture gap analysis
  • D. Analyze existing controls on systems

Answer: B

NEW QUESTION 7

SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
The CISO has implemented remediation activities. Which of the following is the MOST logical next step?

  • A. Validate the effectiveness of applied controls
  • B. Validate security program resource requirements
  • C. Report the audit findings and remediation status to business stakeholders
  • D. Review security procedures to determine if they need to be modified according to findings

Answer: A

NEW QUESTION 8

As a new CISO at a large healthcare company you are told that everyone has to badge in to get in the building. Below your office window you notice a door that is normally propped open during the day for groups of people to take breaks outside. Upon looking closer you see there is no badge reader. What should you do?

  • A. Nothing, this falls outside your area of influence.
  • B. Close and chain the door shut and send a company-wide memo banning the practice.
  • C. Have a risk assessment performed.
  • D. Post a guard at the door to maintain physical security.

Answer: C

NEW QUESTION 9

What role should the CISO play in properly scoping a PCI environment?

  • A. Validate the business units’ suggestions as to what should be included in the scoping process
  • B. Work with a Qualified Security Assessor (QSA) to determine the scope of the PCI environment
  • C. Ensure internal scope validation is completed and that an assessment has been done to discover all credit card data
  • D. Complete the self-assessment questionnaire and work with an Approved Scanning Vendor (ASV) to determine scope

Answer: C

NEW QUESTION 10

The ability to hold intruders accountable in a court of law is important. Which of the following activities are needed to ensure the highest possibility for successful prosecution?

  • A. Well established and defined digital forensics process
  • B. Establishing Enterprise-owned Botnets for preemptive attacks
  • C. Be able to retaliate under the framework of Active Defense
  • D. Collaboration with law enforcement

Answer: A

NEW QUESTION 11

The exposure factor of a threat to your organization is defined by?

  • A. Asset value times exposure factor
  • B. Annual rate of occurrence
  • C. Annual loss expectancy minus current cost of controls
  • D. Percentage of loss experienced due to a realized threat event

Answer: D

NEW QUESTION 12

The success of the Chief Information Security Officer is MOST dependent upon:

  • A. favorable audit findings
  • B. following the recommendations of consultants and contractors
  • C. development of relationships with organization executives
  • D. raising awareness of security issues with end users

Answer: C

NEW QUESTION 13

The purpose of NIST SP 800-53 as part of the NIST System Certification and Accreditation Project is to establish a set of standardized, minimum security controls for IT systems addressing low, moderate, and high levels of concern for

  • A. Confidentiality, Integrity and Availability
  • B. Assurance, Compliance and Availability
  • C. International Compliance
  • D. Integrity and Availability

Answer: A

NEW QUESTION 14

Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.
What action should you take FIRST?

  • A. Destroy the repository of stolen data
  • B. Contact your local law enforcement agency
  • C. Consult with other C-Level executives to develop an action plan
  • D. Contract with a credit reporting company for paid monitoring services for affected customers

Answer: C

NEW QUESTION 15

A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat. This is an example of:

  • A. Change management
  • B. Business continuity planning
  • C. Security Incident Response
  • D. Thought leadership

Answer: C

NEW QUESTION 16

A Security Operations Centre (SOC) manager is informed that a database containing highly sensitive corporate strategy information is under attack. Information has been stolen and the database server was disconnected. Who must be informed of this incident?

  • A. Internal audit
  • B. The data owner
  • C. All executive staff
  • D. Government regulators

Answer: B

NEW QUESTION 17
......
