Which of the following functions MUST your Information Security Governance program include for formal organizational reporting?
Which of the following is MOST important when dealing with an Information Security Steering committee:
You manage a newly created Security Operations Center (SOC), your team is being inundated with security alerts and don’t know what to do. What is the BEST approach to handle this situation?
Scenario: You are the CISO and have just completed your first risk assessment for your organization. You find many risks with no security controls, and some risks with inadequate controls. You assign work to your staff to create or adjust existing security controls to ensure they are adequate for risk mitigation needs.
When formulating the remediation plan, what is a required input?
Scenario: You are the newly hired Chief Information Security Officer for a company that has not previously had a senior level security practitioner. The company lacks a defined security policy and framework for their Information Security Program. Your new boss, the Chief Financial Officer, has asked you to draft an outline of a security policy and recommend an industry/sector neutral information security control framework for implementation.
Which of the following industry / sector neutral information security control frameworks should you recommend for implementation?
As the Business Continuity Coordinator of a financial services organization, you are responsible for ensuring assets are recovered timely in the event of a disaster. Which is the BEST Disaster Recovery performance indicator to validate that you are prepared for a disaster?
Scenario: As you begin to develop the program for your organization, you assess the corporate culture and determine that there is a pervasive opinion that the security program only slows things down and limits the performance of the “real workers.”
What must you do first in order to shift the prevailing opinion and reshape corporate culture to understand the value of information security to the organization?
Which of the following best describes the sensors designed to project and detect a light beam across an area?
The new CISO was informed of all the Information Security projects that the organization has in progress. Two projects are over a year behind schedule and over budget. Using best business practices for project management you determine that the project correctly aligns with the company goals.
Which of the following needs to be performed NEXT?
Which of the following is the MOST important reason for performing assessments of the security portfolio?
A CISO wants to change the defense strategy to ward off attackers. To accomplish this the CISO is looking to a strategy where attackers are lured into a zone of a safe network where attackers can be monitored, controlled, quarantined, or eradicated.
Which of the following is a countermeasure to prevent unauthorized database access from web applications?
In terms of supporting a forensic investigation, it is now imperative that managers, first-responders, etc., accomplish the following actions to the computer under investigation:
While designing a secondary data center for your company what document needs to be analyzed to determine to how much should be spent on building the data center?
What type of attack requires the least amount of technical equipment and has the highest success rate?
You are having a penetration test done on your company network and the leader of the team says they discovered all the network devices because no one had changed the Simple Network Management Protocol (SNMP) community strings from the defaults. Which of the following is a default community string?
One of your executives needs to send an important and confidential email. You want to ensure that the message cannot be read by anyone but the recipient. Which of the following keys should be used to encrypt the message?
Physical security measures typically include which of the following components?
From the CISO’s perspective in looking at financial statements, the statement of retained earnings of an organization:
As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audits activity.
The performance quality audit activity is done in what project management process group?
To make sure that the actions of all employees, applications, and systems follow the organization’s rules and regulations can BEST be described as which of the following?
What organizational structure combines the functional and project structures to create a hybrid of the two?
What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
As the Risk Manager of an organization, you are task with managing vendor risk assessments. During the assessment, you identified that the vendor is engaged with high profiled clients, and bad publicity can jeopardize your own brand.
Which is the BEST type of risk that defines this event?
You have been promoted to the CISO of a big-box retail store chain reporting to the Chief Information Officer (CIO). The CIO’s first mandate to you is to develop a cybersecurity compliance framework that will meet all the store’s compliance requirements.
Which of the following compliance standard is the MOST important to the organization?
As a CISO you need to understand the steps that are used to perform an attack against a network. Put each step into the correct order.
1.Covering tracks
2.Scanning and enumeration
3.Maintaining Access
4.Reconnaissance
5.Gaining Access
When operating under severe budget constraints a CISO will have to be creative to maintain a strong security organization. Which example below is the MOST creative way to maintain a strong security posture during these difficult times?
Which of the following organizations is typically in charge of validating the implementation and effectiveness of security controls?
The mean time to patch, number of virus outbreaks prevented, and number of vulnerabilities mitigated are examples of what type of performance metrics?
Which of the following are necessary to formulate responses to external audit findings?
When you develop your audit remediation plan what is the MOST important criteria?
A missing/ineffective security control is identified. Which of the following should be the NEXT step?
To have accurate and effective information security policies how often should the CISO review the organization policies?
Which of the following is a term related to risk management that represents the estimated frequency at which a threat is expected to transpire?
An organization has implemented a change management process for all changes to the IT production environment. This change management process follows best practices and is expected to help stabilize the availability and integrity of the organization’s IT environment. Which of the following can be used to measure the effectiveness of this newly implemented process:
Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?
Which of the following reports should you as an IT auditor use to check on compliance with a service level agreement’s requirement for uptime?
Which of the following is critical in creating a security program aligned with an organization’s goals?
A consultant is hired to do physical penetration testing at a large financial company. In the first day of his
assessment, the consultant goes to the company’s building dressed like an electrician and waits in the lobby for
an employee to pass through the main access gate, then the consultant follows the employee behind to get into
the restricted area. Which type of attack did the consultant perform?
The general ledger setup function in an enterprise resource package allows for setting accounting periods. Access to this function has been permitted to users in finance, the shipping department, and production scheduling. What is the most likely reason for such broad access?
A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy.
What is the MOST effective method of risk analysis to provide the CFO with the information required?
When reviewing a Solution as a Service (SaaS) provider’s security health and posture, which key document should you review?
Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?
What oversight should the information security team have in the change management process for application security?
Information Security is often considered an excessive, after-the-fact cost when a project or initiative is completed. What can be done to ensure that security is addressed cost effectively?
Which of the following is considered one of the most frequent failures in project management?
Which of the following will be MOST helpful for getting an Information Security project that is behind schedule back on schedule?
A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?
Using the Transport Layer Security (TLS) protocol enables a client in a network to be:
Which of the following is used to establish and maintain a framework to provide assurance that information security strategies are aligned with organizational objectives?