Which of the following is BEST to include in a business case when the return on investment (ROI) for an information security initiative is difficult to calculate?
Which of the following is the MOST effective way to address an organizations security concerns during contract negotiations with a third party?
A serious vulnerability was detected in a business application that can be exploited by external attackers to compromise the system. What is the information security manager’s BEST course of action?
Which of the following considerations is MOST important when selecting a third-party intrusion detection system (IDS) vendor?
Which of the following is the PRIMARY role of an information security manager in a software development project?
Which of the following is the BEST approach when creating a security policy for a global organization subject to varying laws and regulations?
An online trading company discovers that a network attack has penetrated the firewall. What should be the information security manager ' s FIRST response?
Which of the following should an information security manager do FIRST when there is a conflict between the organization ' s information security policy and a local regulation?
Which of the following is the PRIMARY impact of organizational culture on the effectiveness of an information security program?
The ULTIMATE responsibility for ensuring the objectives of an information security framework are being met belongs to:
Which of the following is the PRIMARY reason to involve stakeholders from various business units when developing an information security policy?
Which of the following will BEST facilitate timely and effective incident response?
When developing security processes for handling credit card data on the business unit ' s information system, the information security manager should FIRST:
Which of the following BEST demonstrates that an anti-phishing campaign is effective?
An employee of an organization has reported losing a smartphone that contains sensitive information The BEST step to address this situation is to:
Which of the following should be the PRIMARY focus of a status report on the information security program to senior management?
After a ransomware incident an organization ' s systems were restored. Which of the following should be of MOST concern to the information security manager?
A business impact analysis (BIA) BEST enables an organization to establish:
An information security manager is concerned with continued security policy violations in a particular business unit despite recent efforts to rectify the situation. What is the BEST course of action?
Which of the following is MOST important to include in an information security strategy?