Eduardo Castella7911
Quiz por , criado more than 1 year ago

Certificate CISM Quiz sobre CISM 2014 Questions - 2, criado por Eduardo Castella7911 em 17-02-2016.

3074
2
0
Eduardo Castella7911
Criado por Eduardo Castella7911 quase 9 anos atrás
Fechar

CISM 2014 Questions - 2

Questão 1 de 200

1

Strategic alignment is PRIMARILY achieved when services provided by the information security department:

Selecione uma das seguintes:

  • A. reflect the requirements of key business stakeholders.

  • B. reflect the desires of the IT executive team.

  • C. reflect the requirements of industry best practices.

  • D. are reliable and cost-effective.

Explicação

Questão 2 de 200

1

What is the TYPICAL output of a risk assessment?

Selecione uma das seguintes:

  • A. A list of appropriate controls for reducing or eliminating risk

  • B. Documented threats to the organization

  • C. Evaluation of the consequences to the entity

  • D. An inventory of risk that may impact the organization

Explicação

Questão 3 de 200

1

Which of the following actions is the BEST to ensure that incident response activities are consistent with the requirements of business continuity?

Selecione uma das seguintes:

  • A. Develop a scenario and perform a structured walk-through.

  • B. Draft and publish a clear practice for enterprise-level incident response.

  • C. Establish a cross-departmental working group to share perspectives.

  • D. Develop a project plan for end-to-end testing of disaster recovery.

Explicação

Questão 4 de 200

1

What is the BEST risk response for risk scenarios where the likelihood of a disruptive event for an asset is very low, but the potential financial impact is very high?

Selecione uma das seguintes:

  • A. Accept the high cost of protection.

  • B. Implement detective controls.

  • C. Ensure that asset exposure is low.

  • D. Transfer the risk to a third party.

Explicação

Questão 5 de 200

1

An effective risk management program should reduce risk to:

Selecione uma das seguintes:

  • A. zero.

  • B. an acceptable level.

  • C. an acceptable percent of revenue.

  • D. an acceptable probability of occurrence.

Explicação

Questão 6 de 200

1

The formal declaration of organizational information security goals and objectives should be found in the:

Selecione uma das seguintes:

  • A. information security procedures.

  • B. information security principles.

  • C. employee code of conduct.

  • D. information security policy.

Explicação

Questão 7 de 200

1

Which of the following is MOST effective in preventing disruptions to production systems?

Selecione uma das seguintes:

  • A. Patch management

  • B. Security baselines

  • C. Virus detection

  • D. Change management

Explicação

Questão 8 de 200

1

What is the MOST effective access control method to prevent users from sharing files with unauthorized users?

Selecione uma das seguintes:

  • A. Mandatory

  • B. Discretionary

  • C. Walled garden

  • D. Role-based

Explicação

Questão 9 de 200

1

Quantitative risk analysis is MOST appropriate when assessment results:

Selecione uma das seguintes:

  • A. include customer perceptions.

  • B. contain percentage estimates.

  • C. lack specific details.

  • D. contain subjective information.

Explicação

Questão 10 de 200

1

When should risk assessments be performed for optimum effectiveness?

Selecione uma das seguintes:

  • A. At the beginning of security program development

  • B. On a continuous basis

  • C. While developing the business case for the security program

  • D. During the business change process

Explicação

Questão 11 de 200

1

Which of the following is the BEST method or technique to ensure the effective implementation of an information security program?

Selecione uma das seguintes:

  • A. Obtain the support of the board of directors.

  • B. Improve the content of the information security awareness program.

  • C. Improve the employees' knowledge of security policies.

  • D. Implement logical access controls to the information systems.

Explicação

Questão 12 de 200

1

Which of the following is the BEST method to ensure the overall effectiveness of a risk management program?

Selecione uma das seguintes:

  • A. User assessments of changes

  • B. Comparison of the program results with industry standards

  • C. Assignment of risk within the organization

  • D. Participation by all members of the organization

Explicação

Questão 13 de 200

1

Which of the following is MOST important to the success of an information security program?

Selecione uma das seguintes:

  • A. Security awareness training

  • B. Achievable goals and objectives

  • C. Senior management sponsorship

  • D. Adequate start-up budget and staffing

Explicação

Questão 14 de 200

1

Which of the following is the MOST important step before implementing a security policy?

Selecione uma das seguintes:

  • A. Communicating to employees

  • B. Training IT staff

  • C. Identifying relevant technologies for automation

  • D. Obtaining sign-off from stakeholders

Explicação

Questão 15 de 200

1

For global organizations, which of the following is MOST essential to the continuity of operations in an emergency situation?

Selecione uma das seguintes:

  • A. A documented succession plan

  • B. Distribution of key process documents

  • C. A reciprocal agreement with an alternate site

  • D. Strong senior management leadership

Explicação

Questão 16 de 200

1

What is the PRIMARY benefit of a security awareness training program?

Selecione uma das seguintes:

  • A. To reduce the likelihood of an information security event

  • B. To encourage compliance with information security policy

  • C. To comply with the local and industry-specific regulation and legislation

  • D. To provide employees with expectations for information security

Explicação

Questão 17 de 200

1

When the computer incident response team (CIRT) finds clear evidence that a hacker has penetrated the corporate network and modified customer information, an information security manager should FIRST notify:

Selecione uma das seguintes:

  • A. the information security steering committee.

  • B. customers who may be impacted.

  • C. data owners who may be impacted.

  • D. regulatory agencies overseeing privacy.

Explicação

Questão 18 de 200

1

When a major vulnerability in the security of a critical web server is discovered, immediate notification should be made to the:

Selecione uma das seguintes:

  • A. system owner to take corrective action.

  • B. incident response team to investigate.

  • C. data owners to mitigate damage.

  • D. development team to remediate.

Explicação

Questão 19 de 200

1

Which of the following vulnerabilities allowing attackers access to the application database is the MOST serious?

Selecione uma das seguintes:

  • A. Validation checks are missing in data input pages.

  • B. Password rules do not allow sufficient complexity.

  • C. Application transaction log management is weak.

  • D. Application and database share a single access ID.

Explicação

Questão 20 de 200

1

A customer credit card database has been reported as being breached by hackers. What is the FIRST step in dealing with this attack?

Selecione uma das seguintes:

  • A. Confirm the incident.

  • B. Notify senior management.

  • C. Start containment.

  • D. Notify law enforcement.

Explicação

Questão 21 de 200

1

The facilities department of a large financial organization uses electronic swipe cards to manage physical access. The information security manager requests that facilities provide the manager with read-only access to the physical access data. What is the MOST likely purpose?

Selecione uma das seguintes:

  • A. To monitor that personnel are complying with contract provisions

  • B. To determine who is in the building in case of fire

  • C. To compare logical and physical access for anomalies

  • D. To ensure that the physical access control system is operating correctly

Explicação

Questão 22 de 200

1

Who is ultimately responsible for the organization's information?

Selecione uma das seguintes:

  • A. Data custodian

  • B. Chief information security officer (CISO)

  • C. Board of directors

  • D. Chief information officer (CIO)

Explicação

Questão 23 de 200

1

Which of the following is the MOST important consideration for an organization interacting with the media during a disaster?

Selecione uma das seguintes:

  • A. Communicating specially drafted messages by an authorized person

  • B. Refusing to comment until recovery

  • C. Referring the media to the authorities

  • D. Reporting the losses and recovery strategy to the media

Explicação

Questão 24 de 200

1

What should an information security manager focus on when speaking to an organization's human resources department about information security?

Selecione uma das seguintes:

  • A. An adequate budget for the security program

  • B. Recruitment of technical IT employees

  • C. Periodic risk assessments

  • D. Security awareness training for employees

Explicação

Questão 25 de 200

1

Which of the following are the MOST important criteria when selecting virus protection software?

Selecione uma das seguintes:

  • A. Product market share and annualized cost

  • B. Ability to interface with intrusion detection system (IDS) software and firewalls

  • C. Alert notifications and impact assessments for new viruses

  • D. Ease of maintenance and frequency of updates

Explicação

Questão 26 de 200

1

Information security policy enforcement is the responsibility of the:

Selecione uma das seguintes:

  • A. security steering committee.

  • B. chief information officer (CIO).

  • C. chief information security officer (CISO).

  • D. chief compliance officer (CCO).

Explicação

Questão 27 de 200

1

Which of the following helps management determine the resources needed to mitigate a risk to the organization?

Selecione uma das seguintes:

  • A. Risk analysis process

  • B. Business impact analysis (BIA)

  • C. Risk management balanced scorecard

  • D. Risk-based audit program

Explicação

Questão 28 de 200

1

Which of the following is the MOST important consideration when developing an information security strategy?

Selecione uma das seguintes:

  • A. Resources available to implement the program

  • B. Compliance with legal and regulatory constraints

  • C. Effectiveness of risk mitigation

  • D. Resources required to implement the strategy

Explicação

Questão 29 de 200

1

When properly tested, which of the following would MOST effectively support an information security manager in handling a security breach?

Selecione uma das seguintes:

  • A. Business continuity plan

  • B. Disaster recovery plan

  • C. Incident response plan

  • D. Vulnerability management plan

Explicação

Questão 30 de 200

1

From an information security perspective, which of the following will have the GREATEST impact on a financial enterprise with offices in various countries and involved in transborder transactions?

Selecione uma das seguintes:

  • A. Current and future technologies

  • B. Evolving data protection regulations

  • C. Economizing the costs of network bandwidth

  • D. Centralization of information security

Explicação

Questão 31 de 200

1

Which of the following control measures BEST addresses integrity?

Selecione uma das seguintes:

  • A. Nonrepudiation

  • B. Timestamps

  • C. Biometric scanning

  • D. Encryption

Explicação

Questão 32 de 200

1

An employee's computer has been infected with a new virus. What should be the FIRST action?

Selecione uma das seguintes:

  • A. Execute the virus scan.

  • B. Report the incident to senior management.

  • C. Format the hard disk.

  • D. Disconnect the computer from the network.

Explicação

Questão 33 de 200

1

What practice should FIRST be applied to an emergency security patch that has been received via email?

Selecione uma das seguintes:

  • A. The patch should be loaded onto an isolated test machine.

  • B. The patch should be decompiled to check for malicious code.

  • C. The patch should be validated to ensure its authenticity.

  • D. The patch should be copied onto write-once media to prevent tampering.

Explicação

Questão 34 de 200

1

The purpose of incident management and response is to:

Selecione uma das seguintes:

  • A. recover an activity interrupted by an emergency or disaster, within a defined time and cost.

  • B. perform a walk-through of the steps required to recover from an adverse event.

  • C. reduce business disruption insurance premiums for the business.

  • D. address disruptive events with the objective of controlling impacts within acceptable levels.

Explicação

Questão 35 de 200

1

Which of the following is characteristic of decentralized information security management across a geographically dispersed organization?

Selecione uma das seguintes:

  • A. More uniformity in quality of service

  • B. Better adherence to policies

  • C. Better alignment to business unit needs

  • D. More savings in total operating costs

Explicação

Questão 36 de 200

1

Which of the following is the MOST effective way to treat a risk such as a natural disaster that has a low probability and a high impact level?

Selecione uma das seguintes:

  • A. Implement countermeasures.

  • B. Eliminate the risk.

  • C. Transfer the risk.

  • D. Accept the risk.

Explicação

Questão 37 de 200

1

The FIRST step in developing a business case is to:

Selecione uma das seguintes:

  • A. determine the probability of success.

  • B. calculate the return on investment (ROI).

  • C. analyze the cost-effectiveness.

  • D. define the issues to be addressed.

Explicação

Questão 38 de 200

1

Which of the following is the MOST serious exposure of automatically updating virus signature files on every desktop each Friday at 11:00 p.m. (23.00 hrs.)?

Selecione uma das seguintes:

  • A. Most new viruses' signatures are identified over weekends

  • B. Technical personnel are not available to support the operation

  • C. Systems are vulnerable to new viruses during the intervening week

  • D. The update's success or failure is not known until Monday

Explicação

Questão 39 de 200

1

The purpose of an information security policy is to:

Selecione uma das seguintes:

  • A. express clearly and concisely the goals of an information security protection program.

  • B. outline the intended configuration of information system security controls.

  • C. mandate the behavior and acceptable actions of all information system users.

  • D. authorize the steps and procedures necessary to protect critical information systems.

Explicação

Questão 40 de 200

1

What is an advantage of sending messages using steganographic techniques as opposed to utilizing encryption?

Selecione uma das seguintes:

  • A. The existence of messages is unknown.

  • B. Required key sizes are smaller.

  • C. Traffic cannot be sniffed.

  • D. Reliability of the data is higher in transit.

Explicação

Questão 41 de 200

1

Which of the following is the MOST important information to include in a strategic plan for information security?

Selecione uma das seguintes:

  • A. Information security staffing requirements

  • B. Current state and desired future state

  • C. IT capital investment requirements

  • D. Information security mission statement

Explicação

Questão 42 de 200

1

Which of the following represents the MAJOR focus of privacy regulations?

Selecione uma das seguintes:

  • A. Unrestricted data mining

  • B. Identity theft

  • C. Human rights protection

  • D. Identifiable personal data

Explicação

Questão 43 de 200

1

Which of the following requirements is the MOST important when developing information security governance?

Selecione uma das seguintes:

  • A. Complying with applicable corporate standards

  • B. Achieving cost effectiveness of risk mitigation

  • C. Obtaining consensus of business units

  • D. Aligning with organizational goals

Explicação

Questão 44 de 200

1

An organization's board of directors has learned of recent legislation requiring organizations within the industry to enact specific safeguards to protect confidential customer information. What actions should the board take next?

Selecione uma das seguintes:

  • A. Direct information security on what they need to do

  • B. Research solutions to determine the proper solutions

  • C. Require management to report on compliance

  • D. Nothing; information security does not report to the board

Explicação

Questão 45 de 200

1

Once the objective of performing a security review has been defined, the NEXT step for the information security manager is to determine:

Selecione uma das seguintes:

  • A. constraints.

  • B. approach.

  • C. scope.

  • D. results.

Explicação

Questão 46 de 200

1

Which of the following should be identified in the business continuity policy?

Selecione uma das seguintes:

  • A. Emergency call trees

  • B. Recovery criteria

  • C. Business impact assessment (BIA)

  • D. Critical backups inventory

Explicação

Questão 47 de 200

1

An organization is planning to deliver subscription-based educational services to customers online that will require customers to log in with their user IDs and passwords. Which of the following is the BEST method to validate passwords entered by a customer before access to educational resources is granted?

Selecione uma das seguintes:

  • A. Encryption

  • B. Content filtering

  • C. Database hardening

  • D. Hashing

Explicação

Questão 48 de 200

1

Which person or group should have final approval of an organization's information security policies?

Selecione uma das seguintes:

  • A. Business unit managers

  • B. Chief information security officer (CISO)

  • C. Senior management

  • D. Chief information officer (CIO)

Explicação

Questão 49 de 200

1

How can access control to a sensitive intranet application by mobile users BEST be implemented?

Selecione uma das seguintes:

  • A. Through data encryption

  • B. Through digital signatures

  • C. Through strong passwords

  • D. Through two-factor authentication

Explicação

Questão 50 de 200

1

To ensure that all employees follow procedures regarding the integrity and confidentiality of personal identifiable information (PII), a hospital required that policies and procedures be put in place for data access and that all data stored should be encrypted. This is an example of what type of controls?

Selecione uma das seguintes:

  • A. Administrative and technical controls

  • B. Administrative and deterrent controls

  • C. Technical and physical controls

  • D. Administrative and corrective controls

Explicação

Questão 51 de 200

1

Which of the following is MOST likely to be responsible for establishing the information security requirements over an application?

Selecione uma das seguintes:

  • A. IT steering committee

  • B. Data owner

  • C. System owner

  • D. IS auditor

Explicação

Questão 52 de 200

1

Effective governance of enterprise IT is BEST ensured by:

Selecione uma das seguintes:

  • A. utilizing a bottom-up approach.

  • B. management by the IT department.

  • C. referring the matter to the organization's legal department.

  • D. utilizing a top-down approach.

Explicação

Questão 53 de 200

1

After performing an asset classification, the information security manager is BEST able to determine the:

Selecione uma das seguintes:

  • A. level of risk to information resources.

  • B. impact of a compromise.

  • C. requirements for control strength.

  • D. annual loss expectancy (ALE).

Explicação

Questão 54 de 200

1

An information security manager is performing a security review and determines that not all employees comply with the access control policy for the data center. The FIRST step to address this issue should be to:

Selecione uma das seguintes:

  • A. assess the risk of noncompliance.

  • B. initiate security awareness training.

  • C. prepare a status report for management.

  • D. increase compliance enforcement.

Explicação

Questão 55 de 200

1

The MOST effective use of a risk register is to:

Selecione uma das seguintes:

  • A. identify risks and assign roles and responsibilities for mitigation.

  • B. identify threats and probabilities.

  • C. facilitate a thorough review of all IT-related risks on a periodic basis.

  • D. record the annualized financial amount of expected losses due to risks.

Explicação

Questão 56 de 200

1

The factor that is MOST likely to result in identification of security incidents is:

Selecione uma das seguintes:

  • A. effective communication and reporting processes.

  • B. clear policies detailing incident severity levels.

  • C. intrusion detection system (IDS) capabilities.

  • D. security awareness training.

Explicação

Questão 57 de 200

1

Which of the following is the MOST important element to ensure the successful recovery of a business during a disaster?

Selecione uma das seguintes:

  • A. Detailed technical recovery plans are maintained offsite

  • B. Network redundancy is maintained through separate providers

  • C. Hot site equipment needs are recertified on a regular basis

  • D. Appropriate declaration criteria have been established

Explicação

Questão 58 de 200

1

What is the PRIMARY purpose of using risk analysis within a security program?

Selecione uma das seguintes:

  • A. The risk analysis helps justify the security expenditure.

  • B. The risk analysis helps prioritize the assets to be protected.

  • C. The risk analysis helps inform executive management of the residual risk.

  • D. The risk analysis helps assess exposures and plan remediation.

Explicação

Questão 59 de 200

1

What is the MOST cost-effective means of improving security awareness of staff personnel?

Selecione uma das seguintes:

  • A. Employee monetary incentives

  • B. User education and training

  • C. A zero-tolerance security policy

  • D. Reporting of security infractions

Explicação

Questão 60 de 200

1

Which is the BEST way to assess aggregate risk derived from a chain of linked system vulnerabilities?

Selecione uma das seguintes:

  • A. Vulnerability scans

  • B. Penetration tests

  • C. Code reviews

  • D. Security audits

Explicação

Questão 61 de 200

1

Which of the following provides the BEST defense against the introduction of malware in end-user computers via the Internet browser?

Selecione uma das seguintes:

  • A. Input validation checks on SQL injection

  • B. Restricting access to social media sites

  • C. Deleting temporary files

  • D. Restricting execution of mobile code

Explicação

Questão 62 de 200

1

Of the following, retention of business records should be PRIMARILY based on:

Selecione uma das seguintes:

  • A. periodic vulnerability assessment.

  • B. regulatory and legal requirements.

  • C. device storage capacity and longevity.

  • D. past litigation.

Explicação

Questão 63 de 200

1

Which of the following is the BEST way to ensure that an intruder who successfully penetrates a network will be detected before significant damage is inflicted?

Selecione uma das seguintes:

  • A. Perform periodic penetration testing

  • B. Establish minimum security baselines

  • C. Implement vendor default settings

  • D. Install a honeypot on the network

Explicação

Questão 64 de 200

1

A newly hired information security manager notes that existing information security practices and procedures appear ad hoc. Based on this observation, the next action should be to:

Selecione uma das seguintes:

  • A. assess the commitment of senior management to the program.

  • B. assess the maturity level of the organization.

  • C. review the corporate standards.

  • D. review corporate risk management practices.

Explicação

Questão 65 de 200

1

Risk management programs are designed to reduce risk to:

Selecione uma das seguintes:

  • A. a level that is too small to be measurable.

  • B. the point at which the benefit exceeds the expense.

  • C. a level that the organization is willing to accept.

  • D. a rate of return that equals the current cost of capital.

Explicação

Questão 66 de 200

1

An organization's operations staff places payment files in a shared network folder and then the disbursement staff picks up the files for payment processing. This manual intervention will be automated some months later, thus cost-efficient controls are sought to protect against file alterations. Which of the following would be the BEST solution?

Selecione uma das seguintes:

  • A. Design a training program for the staff involved to heighten information security awareness

  • B. Set role-based access permissions on the shared folder

  • C. The end user develops a PC macro program to compare sender and recipient file contents

  • D. Shared folder operators sign an agreement to pledge not to commit fraudulent activities

Explicação

Questão 67 de 200

1

An organization has recently developed and approved an access control policy. Which of the following will be MOST effective in communicating the access control policy to the employees?

Selecione uma das seguintes:

  • A. Requiring employees to formally acknowledge receipt of the policy

  • B. Integrating security requirements into job descriptions

  • C. Making the policy available on the intranet

  • D. Implementing an annual retreat for employees on information security

Explicação

Questão 68 de 200

1

Which of the following is the MOST important area of focus when examining potential security compromise of a new wireless network?

Selecione uma das seguintes:

  • A. Signal strength

  • B. Number of administrators

  • C. Bandwidth

  • D. Encryption strength

Explicação

Questão 69 de 200

1

Which of the following is MOST important when deciding whether to build an alternate facility or subscribe to a third-party hot site?

Selecione uma das seguintes:

  • A. Cost to build a redundant processing facility and invocation

  • B. Daily cost of losing critical systems and recovery time objectives (RTOs)

  • C. Infrastructure complexity and system sensitivity

  • D. Criticality results from the business impact analysis (BIA)

Explicação

Questão 70 de 200

1

Who can BEST approve plans to implement an information security governance framework?

Selecione uma das seguintes:

  • A. Internal auditor

  • B. Information security management

  • C. Steering committee

  • D. Infrastructure management

Explicação

Questão 71 de 200

1

Successful implementation of information security governance will FIRST require:

Selecione uma das seguintes:

  • A. security awareness training.

  • B. updated security policies.

  • C. a computer incident management team.

  • D. a security architecture.

Explicação

Questão 72 de 200

1

Which of the following measures would be MOST effective against insider threats to confidential information?

Selecione uma das seguintes:

  • A. Role-based access control

  • B. Audit trail monitoring

  • C. Privacy policy

  • D. Defense-in-depth

Explicação

Questão 73 de 200

1

When an information security manager is developing a strategic plan for information security, the timeline for the plan should be:

Selecione uma das seguintes:

  • A. aligned with the IT strategic plan.

  • B. based on the current rate of technological change.

  • C. three-to-five years for both hardware and software.

  • D. aligned with the business strategy.

Explicação

Questão 74 de 200

1

What is the PRIMARY basis for the prioritization of security spending and budgeting?

Selecione uma das seguintes:

  • A. The identified levels of risk

  • B. Industry trends

  • C. An increased cost of services

  • D. The allocated revenue of the enterprise

Explicação

Questão 75 de 200

1

Which of the following approaches is BEST for addressing regulatory requirements?

Selecione uma das seguintes:

  • A. Treat regulatory compliance as any other risk.

  • B. Ensure that policies address regulatory requirements.

  • C. Make regulatory compliance mandatory.

  • D. Obtain insurance for noncompliance.

Explicação

Questão 76 de 200

1

What is the BEST way to ensure that an external service provider complies with organizational security policies?

Selecione uma das seguintes:

  • A. Explicitly include the service provider in the security policies

  • B. Receive acknowledgement in writing stating the provider has read all policies

  • C. Cross-reference to policies in the service level agreement

  • D. Perform periodic reviews of the service provider

Explicação

Questão 77 de 200

1

When performing a business impact analysis (BIA), which of the following would be the MOST appropriate to calculate the recovery time and cost estimates?

Selecione uma das seguintes:

  • A. Information security manager

  • B. Information owners

  • C. Business continuity coordinator

  • D. Information technology (IT) operations manager

Explicação

Questão 78 de 200

1

Which of the following is the BEST approach to obtain senior management commitment to the information security program?

Selecione uma das seguintes:

  • A. Describe the reduction of risk.

  • B. Present the emerging threat environment.

  • C. Benchmark against other enterprises.

  • D. Demonstrate the alignment of the program to business objectives.

Explicação

Questão 79 de 200

1

Which of the following would be the BEST indicator of an asset's value to an organization?

Selecione uma das seguintes:

  • A. Risk assessment

  • B. Security audit

  • C. Certification

  • D. Classification

Explicação

Questão 80 de 200

1

An information security manager believes that a network file server was compromised by a hacker. Which of the following should be the FIRST action taken?

Selecione uma das seguintes:

  • A. Ensure that critical data on the server are backed up.

  • B. Shut down the compromised server.

  • C. Initiate the incident response process.

  • D. Shut down the network.

Explicação

Questão 81 de 200

1

Which of the following is an indicator of effective governance?

Selecione uma das seguintes:

  • A. A defined information security architecture

  • B. Compliance with international security standards

  • C. Periodic external audits

  • D. An established risk management program

Explicação

Questão 82 de 200

1

What activity should information security management perform FIRST when assessing the potential impact of new privacy legislation on the organization?

Selecione uma das seguintes:

  • A. Develop an operational plan for achieving compliance with the legislation.

  • B. Identify systems and processes that contain privacy components.

  • C. Restrict the collection of personal information until compliant.

  • D. Identify privacy legislation in other countries that may contain similar requirements.

Explicação

Questão 83 de 200

1

Who has the FINAL responsibility for classifying information?

Selecione uma das seguintes:

  • A. Data custodian

  • B. Legal department

  • C. Data owner

  • D. Chief information security officer (CISO)

Explicação

Questão 84 de 200

1

Which of the following is involved when conducting a business impact analysis (BIA)?

Selecione uma das seguintes:

  • A. Identifying security threats and vulnerabilities

  • B. Developing notification and activation procedures

  • C. Listing investigative priorities

  • D. Listing critical business resources

Explicação

Questão 85 de 200

1

Which of the following has the highest priority when defining an emergency response plan?

Selecione uma das seguintes:

  • A. Critical data

  • B. Critical infrastructure

  • C. Safety of personnel

  • D. Vital records

Explicação

Questão 86 de 200

1

Why is public key infrastructure (PKI) the preferred model when providing encryption keys to a large number of individuals?

Selecione uma das seguintes:

  • A. It is computationally more efficient.

  • B. It is more scalable than a symmetric key.

  • C. It is less costly to maintain than a symmetric key approach.

  • D. It provides greater encryption strength than a secret key model.

Explicação

Questão 87 de 200

1

Which of the following activities will MOST effectively foster effective security behavior?

Selecione uma das seguintes:

  • A. Implementing a security awareness program

  • B. Rewarding compliance with security policies and guidelines

  • C. Implementing a discipline and reward system

  • D. Implementing a whistle-blower hotline

Explicação

Questão 88 de 200

1

How should an information security manager proceed when selecting a public cloud vendor to provide outsourced infrastructure and software?

Selecione uma das seguintes:

  • A. Insist on strict service level agreements (SLAs) to guarantee application availability.

  • B. Verify that the vendor's security architecture meets the organization's requirements.

  • C. Update the organization's security policies to reflect the vendor agreement.

  • D. Consult a third party to provide an audit report to assess the vendor's security program.

Explicação

Questão 89 de 200

1

Once residual risk has been determined, the enterprise should NEXT:

Selecione uma das seguintes:

  • A. transfer the remaining risk to a third party.

  • B. acquire insurance against the effects of the residual risk.

  • C. validate that the residual risk is acceptable.

  • D. formally document and accept the residual risk.

Explicação

Questão 90 de 200

1

The use of insurance is an example of which of the following?

Selecione uma das seguintes:

  • A. Risk mitigation

  • B. Risk acceptance

  • C. Risk elimination

  • D. Risk transfer

Explicação

Questão 91 de 200

1

Who should approve user access in business-critical applications?

Selecione uma das seguintes:

  • A. The information security manager

  • B. The data owner

  • C. The data custodian

  • D. Business management

Explicação

Questão 92 de 200

1

The PRIMARY goal of developing an information security strategy is to:

Selecione uma das seguintes:

  • A. establish security metrics and performance monitoring.

  • B. educate business process owner s regarding their duties.

  • C. ensure that legal and regulatory requirements are met.

  • D. support the business objectives of the organization.

Explicação

Questão 93 de 200

1

To determine how a security breach occurred on the corporate network, a security manager looks at the logs of various devices. Which of the following BEST facilitates the correlation and review of these logs?

Selecione uma das seguintes:

  • A. Database server

  • B. Domain name server (DNS)

  • C. Time server

  • D. Proxy server

Explicação

Questão 94 de 200

1

What is the BEST technique to determine which security controls to implement with a limited budget?

Selecione uma das seguintes:

  • A. Risk analysis

  • B. Annualized loss expectancy (ALE) calculations

  • C. Cost-benefit analysis

  • D. Impact analysis

Explicação

Questão 95 de 200

1

In implementing information security governance, the information security manager is PRIMARILY responsible for:

Selecione uma das seguintes:

  • A. developing the security strategy.

  • B. reviewing the security strategy.

  • C. communicating the security strategy.

  • D. approving the security strategy.

Explicação

Questão 96 de 200

1

Who has the inherent authority to grant an exception to information security policy?

Selecione uma das seguintes:

  • A. The business process owner

  • B. The departmental manager

  • C. The policy approver

  • D. The information security manager

Explicação

Questão 97 de 200

1

What should be the PRIMARY basis of a road map for implementing information security governance?

Selecione uma das seguintes:

  • A. Policies

  • B. Architecture

  • C. Legal requirements

  • D. Strategy

Explicação

Questão 98 de 200

1

Which of the following would BEST address the risk of data leakage?

Selecione uma das seguintes:

  • A. File backup procedures

  • B. Database integrity checks

  • C. Acceptable use policies

  • D. Incident response procedures

Explicação

Questão 99 de 200

1

Which of the following is the BEST approach to deal with inadequate funding of the information security program?

Selecione uma das seguintes:

  • A. Eliminate low-priority security services.

  • B. Require management to accept the increased risk.

  • C. Use third-party providers for low-risk activities.

  • D. Reduce monitoring and compliance enforcement activities.

Explicação

Questão 100 de 200

1

Which of the following events generally has the highest information security impact?

Selecione uma das seguintes:

  • A. Opening a new office

  • B. Merging with another organization

  • C. Relocating the data center

  • D. Rewiring the network

Explicação

Questão 101 de 200

1

An organization's board of directors is concerned about recent fraud attempts that originated over the Internet. What action should the board take to address this concern?

Selecione uma das seguintes:

  • A. Direct information security regarding specific resolutions that are needed to address the risk.

  • B. Research solutions to determine appropriate actions for the company.

  • C. Take no action; information security does not report to the board.

  • D. Direct management to assess the risk and to report the results to the board.

Explicação

Questão 102 de 200

1

An information security manager wants to implement a security information and event management system (SIEM) not funded in the current budget. Which of the following choices is MOST likely to persuade management of this need?

Selecione uma das seguintes:

  • A. A comprehensive risk assessment

  • B. An enterprisewide impact assessment

  • C. A well-developed business case

  • D. Computing the net present value (NPV) of future savings

Explicação

Questão 103 de 200

1

Which of the following should be performed FIRST in the aftermath of a denial-of-service attack?

Selecione uma das seguintes:

  • A. Restore servers from backup media stored offsite

  • B. Conduct an assessment to determine system status

  • C. Perform an impact analysis of the outage

  • D. Isolate the screened subnet

Explicação

Questão 104 de 200

1

When a significant security breach occurs, what should be reported FIRST to senior management?

Selecione uma das seguintes:

  • A. A summary of the security logs that illustrates the sequence of events

  • B. An explanation of the incident and corrective action taken

  • C. An analysis of the impact of similar attacks at other organizations

  • D. A business case for implementing stronger logical access controls

Explicação

Questão 105 de 200

1

Which of the following are the essential ingredients of a business impact analysis (BIA)?

Selecione uma das seguintes:

  • A. Downtime tolerance, resources and criticality

  • B. Cost of business outages in a year as a factor of the security budget

  • C. Business continuity testing methodology being deployed

  • D. Structure of the crisis management team

Explicação

Questão 106 de 200

1

The use of public key encryption for the purpose of providing encryption keys between a large number of individuals is preferred PRIMARILY because:

Selecione uma das seguintes:

  • A. public key encryption is computationally more efficient.

  • B. scaling is less of a problem than using a symmetrical key.

  • C. public key encryption is less costly to maintain than symmetric key approaches.

  • D. public key encryption provides greater encryption strength than secret key options.

Explicação

Questão 107 de 200

1

What is the FIRST step of performing an information risk analysis?

Selecione uma das seguintes:

  • A. Establish the ownership of assets.

  • B. Evaluate the risks to the assets.

  • C. Take an asset inventory.

  • D. Categorize the assets.

Explicação

Questão 108 de 200

1

Integrating a number of different activities in the development of an information security infrastructure is BEST achieved by developing:

Selecione uma das seguintes:

  • A. a business plan.

  • B. an architecture.

  • C. requirements.

  • D. specifications.

Explicação

Questão 109 de 200

1

Which of the following is the MOST important guideline when using software to scan for security exposures within a corporate network?

Selecione uma das seguintes:

  • A. Never use open source tools

  • B. Focus only on production servers

  • C. Follow a linear process for attacks

  • D. Do not interrupt production processes

Explicação

Questão 110 de 200

1

Which of the following would be the BEST approach to securing approval for information security expenditures?

Selecione uma das seguintes:

  • A. Developing a business case

  • B. Conducting a cost-benefit analysis

  • C. Calculating return on investment (ROI)

  • D. Evaluating loss history

Explicação

Questão 111 de 200

1

Asset classification should be MOSTLY based on:

Selecione uma das seguintes:

  • A. business value.

  • B. book value.

  • C. replacement cost.

  • D. initial cost.

Explicação

Questão 112 de 200

1

At what interval should a risk assessment TYPICALLY be conducted?

Selecione uma das seguintes:

  • A. Once a year for each business process and subprocess

  • B. Every three to six months for critical business processes

  • C. On a continuous basis

  • D. Annually or whenever there is a significant change

Explicação

Questão 113 de 200

1

Untested response plans:

Selecione uma das seguintes:

  • A. depend on up-to-date contact information.

  • B. pose an unacceptable risk to the organization.

  • C. pose a risk that the plan will not work when needed.

  • D. are quickly distinguished from tested plans.

Explicação

Questão 114 de 200

1

Which of the following situations must be corrected FIRST to ensure successful information security governance within an organization?

Selecione uma das seguintes:

  • A. The information security department has had difficulty filling vacancies.

  • B. The chief information officer (CIO) approves changes to the security policy.

  • C. The information security oversight committee only meets quarterly.

  • D. The data center manager has final signoff on all security projects.

Explicação

Questão 115 de 200

1

An organization's chief information security officer (CISO) would like to ensure that operations are prioritized correctly for recovery in case of a disaster. Which of the following would be the BEST to use?

Selecione uma das seguintes:

  • A. A business impact assessment

  • B. An organization risk assessment

  • C. A business process map

  • D. A threat statement

Explicação

Questão 116 de 200

1

What task should be performed once a security incident has been verified?

Selecione uma das seguintes:

  • A. Identify the incident.

  • B. Contain the incident.

  • C. Determine the root cause of the incident.

  • D. Perform a vulnerability assessment.

Explicação

Questão 117 de 200

1

An organization has commissioned an information security expert to perform network penetration testing and has provided the expert with information about the infrastructure to be tested. The benefit of this approach is:

Selecione uma das seguintes:

  • A. more time is devoted to exploitation than to fingerprinting and discovery.

  • B. this accurately simulates an external hacking attempt.

  • C. the ability to exploit Transmission Control Protocol/Internet Protocol (TCP/IP) vulnerabilities.

  • D. the elimination of the need for penetration testing tools.

Explicação

Questão 118 de 200

1

Which of the following is the BEST way to mitigate the risk of the database administrator reading sensitive data from the database?

Selecione uma das seguintes:

  • A. Log all access to sensitive data.

  • B. Employ application-level encryption.

  • C. Install a database monitoring solution.

  • D. Develop a data security policy.

Explicação

Questão 119 de 200

1

Which of the following is MOST essential when assessing risk?

Selecione uma das seguintes:

  • A. Providing equal coverage for all asset types

  • B. Benchmarking data from similar organizations

  • C. Considering both monetary value and likelihood of loss

  • D. Focusing on valid past threats and business losses

Explicação

Questão 120 de 200

1

Obtaining another party's public key is required to initiate which of the following activities?

Selecione uma das seguintes:

  • A. Authorization

  • B. Digital signing

  • C. Authentication

  • D. Nonrepudiation

Explicação

Questão 121 de 200

1

A regulatory authority has just introduced a new regulation pertaining to the release of quarterly financial results. The FIRST task that the security officer should perform is to:

Selecione uma das seguintes:

  • A. identify whether current controls are adequate.

  • B. communicate the new requirement to audit.

  • C. implement the requirements of the new regulation.

  • D. conduct a cost-benefit analysis of implementing the control.

Explicação

Questão 122 de 200

1

Which of the following is the MOST important to ensure a successful recovery?

Selecione uma das seguintes:

  • A. Backup media is stored offsite

  • B. Recovery location is secure and accessible

  • C. More than one hot site is available

  • D. Network alternate links are regularly tested

Explicação

Questão 123 de 200

1

Which of the following is the MOST important consideration when developing a service level agreement (SLA) to mitigate the risk that outsourcing will result in a loss to the business?

Selecione uma das seguintes:

  • A. The nature of the indemnity clause

  • B. Ensuring that the business objectives are defined and met

  • C. Alignment of information system security objectives with enterprise goals

  • D. Compliance with legal requirements

Explicação

Questão 124 de 200

1

Which of the following BEST prevents successful social engineering attacks?

Selecione uma das seguintes:

  • A. Preemployment screening

  • B. Close monitoring of users' access patterns

  • C. Periodic awareness training

  • D. Efficient termination procedures

Explicação

Questão 125 de 200

1

The assessment of risk is always subjective. To improve accuracy, which of the following is the MOST important action to take?

Selecione uma das seguintes:

  • A. Train or "calibrate" the assessor.

  • B. Utilize only standardized approaches.

  • C. Ensure the impartiality of the assessor.

  • D. Utilize multiple methods of analysis.

Explicação

Questão 126 de 200

1

The decision as to whether an IT risk has been reduced to an acceptable level should be determined by:

Selecione uma das seguintes:

  • A. organizational requirements.

  • B. information systems requirements.

  • C. information security requirements.

  • D. international standards.

Explicação

Questão 127 de 200

1

Which of the following is the MOST critical activity to ensure the ongoing security of outsourced IT services?

Selecione uma das seguintes:

  • A. Provide security awareness training to the third-party provider's employees

  • B. Conduct regular security reviews of the third-party provider

  • C. Include security requirements in the service contract

  • D. Request that the third-party provider comply with the organization's information security policy

Explicação

Questão 128 de 200

1

What is the MOST important reason for conducting security awareness programs throughout an organization?

Selecione uma das seguintes:

  • A. Reducing the human risk

  • B. Maintaining evidence of training records to ensure compliance

  • C. Informing business units about the security strategy

  • D. Training personnel in security incident response

Explicação

Questão 129 de 200

1

The PRIMARY reason to consider information security during the first stage of a project life cycle is:

Selecione uma das seguintes:

  • A. the cost of security is higher in later stages.

  • B. information security may affect project feasibility.

  • C. information security is essential to project approval.

  • D. it ensures proper project classification.

Explicação

Questão 130 de 200

1

Which of the following should be the PRIMARY basis for making a decision to establish an alternate site for disaster recovery?

Selecione uma das seguintes:

  • A. A business impact analysis (BIA), which identifies the requirements for continuous availability of critical business processes

  • B. Adequate distance between the primary site and the alternate site so that the same disaster does not simultaneously impact both sites

  • C. A benchmarking analysis of similarly situated enterprises in the same geographic region to demonstrate due diligence

  • D. Differences between the regulatory requirements applicable at the primary site and those at the alternate site

Explicação

Questão 131 de 200

1

Why is "slack space" of value to an information security manager as part of an incident investigation?

Selecione uma das seguintes:

  • A. Hidden data may be stored there

  • B. The slack space contains login information

  • C. Slack space is encrypted

  • D. It provides flexible space for the investigation

Explicação

Questão 132 de 200

1

Which of the following areas is MOST susceptible to the introduction of security weaknesses?

Selecione uma das seguintes:

  • A. Database management

  • B. Tape backup management

  • C. Configuration management

  • D. Incident response management

Explicação

Questão 133 de 200

1

Several business units reported problems with their systems after multiple security patches were deployed. What is the FIRST step to handle this problem?

Selecione uma das seguintes:

  • A. Assess the problems and institute rollback procedures, if needed.

  • B. Disconnect the systems from the network until the problems are corrected.

  • C. Uninstall the patches from these systems.

  • D. Contact the vendor regarding the problems that occurred.

Explicação

Questão 134 de 200

1

Which of the following choices BEST helps determine appropriate levels of information resource protection?

Selecione uma das seguintes:

  • A. A business case

  • B. A vulnerability assessment

  • C. Asset classification

  • D. Asset valuation

Explicação

Questão 135 de 200

1

In a social engineering scenario, which of the following will MOST likely reduce the likelihood of an unauthorized individual gaining access to computing resources?

Selecione uma das seguintes:

  • A. Implementing on-screen masking of passwords

  • B. Conducting periodic security awareness programs

  • C. Increasing the frequency of password changes

  • D. Requiring that passwords be kept strictly confidential

Explicação

Questão 136 de 200

1

An appropriate control for ensuring the authenticity of orders received in an electronic data interchange (EDI) system application is to:

Selecione uma das seguintes:

  • A. acknowledge receipt of electronic orders with a confirmation message.

  • B. perform reasonableness checks on quantities ordered before filling orders.

  • C. encrypt electronic orders.

  • D. verify the identity of senders and determine whether orders correspond to contract terms.

Explicação

Questão 137 de 200

1

Which of the following is the BEST approach to mitigate online brute-force attacks on user accounts?

Selecione uma das seguintes:

  • A. Passwords stored in encrypted form

  • B. User awareness

  • C. Strong passwords that are changed periodically

  • D. Implementation of lock-out policies

Explicação

Questão 138 de 200

1

Which of the following BEST ensures nonrepudiation?

Selecione uma das seguintes:

  • A. Delivery path tracing

  • B. Reverse lookup translation

  • C. Out-of-band channels

  • D. Digital signatures

Explicação

Questão 139 de 200

1

What must change management achieve from a risk management perspective?

Selecione uma das seguintes:

  • A. It must be operated by information security to ensure that security is maintained.

  • B. It must be overseen by the steering committee because of its importance.

  • C. It must be secondary to release and configuration management.

  • D. It must include mandatory notification of the information security department.

Explicação

Questão 140 de 200

1

Addressing risk at various life cycle stages is BEST supported by:

Selecione uma das seguintes:

  • A. change management.

  • B. release management.

  • C. incident management.

  • D. configuration management.

Explicação

Questão 141 de 200

1

Which of the following choices is the MOST important incident response resource for timely identification of an information security incident?

Selecione uma das seguintes:

  • A. A fully updated intrusion detection system (IDS)

  • B. Multiple channels for distribution of information

  • C. A well-defined and structured communication plan

  • D. A regular schedule for review of network device logs

Explicação

Questão 142 de 200

1

What makes an incident management program effective?

Selecione uma das seguintes:

  • A. It identifies, assesses and prevents reoccurrence of incidents.

  • B. It detects and documents incidents.

  • C. It includes a risk management strategy.

  • D. It reflects the capabilities of the organization.

Explicação

Questão 143 de 200

1

Which of the following is the MOST effective at preventing an unauthorized individual from following an authorized person through a secured entrance (tailgating or piggybacking)?

Selecione uma das seguintes:

  • A. Card-key door locks

  • B. Photo identification

  • C. Biometric scanners

  • D. Awareness training

Explicação

Questão 144 de 200

1

What is the PRIMARY goal of developing an information security program?

Selecione uma das seguintes:

  • A. To implement the strategy

  • B. To optimize resources

  • C. To deliver on metrics

  • D. To achieve assurance

Explicação

Questão 145 de 200

1

Responsibility for information security and related activities involves multiple departments. What is the PRIMARY reason the information security manager should develop processes that integrate these roles and responsibilities?

Selecione uma das seguintes:

  • A. To mitigate the tendency for security gaps to exist between assurance functions

  • B. To reduce manpower requirements for providing effective information security

  • C. To ensure effective business continuity and disaster recovery

  • D. To simplify specification development and acquisition processes

Explicação

Questão 146 de 200

1

An organization plans to contract with an outside service provider to host its corporate web site. The MOST important concern for the information security manager is to ensure that:

Selecione uma das seguintes:

  • A. an audit of the service provider uncovers no significant weakness.

  • B. the contract includes a nondisclosure agreement (NDA) to protect the organization's intellectual property.

  • C. the contract should mandate that the service provider will comply with security policies.

  • D. the third-party service provider conducts regular penetration testing.

Explicação

Questão 147 de 200

1

What is the BEST way to ensure data protection upon termination of employment?

Selecione uma das seguintes:

  • A. Retrieve identification badge and card keys

  • B. Retrieve all personal computer equipment

  • C. Erase all of the employee's folders

  • D. Ensure all logical access is removed

Explicação

Questão 148 de 200

1

The FIRST step to create an internal culture that embraces information security is to:

Selecione uma das seguintes:

  • A. implement stronger controls.

  • B. conduct periodic awareness training.

  • C. actively monitor operations.

  • D. gain endorsement from executive management.

Explicação

Questão 149 de 200

1

Which of the following is MOST important for measuring the effectiveness of a security awareness program?

Selecione uma das seguintes:

  • A. Reduced number of security violation reports

  • B. A quantitative evaluation to ensure user comprehension

  • C. Increased interest in focus groups on security issues

  • D. Increased number of security violation reports

Explicação

Questão 150 de 200

1

Highly integrated enterprise IT systems pose a challenge to the information security manager when attempting to set security baselines PRIMARILY from the perspective of:

Selecione uma das seguintes:

  • A. increased difficulty in problem management.

  • B. added complexity in incident management.

  • C. determining the impact of cascading risk.

  • D. less flexibility in setting service delivery objectives.

Explicação

Questão 151 de 200

1

Who is responsible for ensuring that information is classified?

Selecione uma das seguintes:

  • A. Senior management

  • B. The security manager

  • C. The data owner

  • D. The data custodian

Explicação

Questão 152 de 200

1

Evidence from a compromised server has to be acquired for a forensic investigation. What would be the BEST source?

Selecione uma das seguintes:

  • A. A bit-level copy of all hard drive data

  • B. The last verified backup stored offsite

  • C. Data from volatile memory

  • D. Backup servers

Explicação

Questão 153 de 200

1

What is the PRIMARY role of the information security manager related to the data classification and handling process within an organization?

Selecione uma das seguintes:

  • A. Defining and ratifying the organization's data classification structure

  • B. Assigning the classification levels to the information assets

  • C. Securing information assets in accordance with their data classification

  • D. Confirming that information assets have been properly classified

Explicação

Questão 154 de 200

1

After completing a full IT risk assessment, who is in the BEST position to decide which mitigating controls should be implemented?

Selecione uma das seguintes:

  • A. Senior management

  • B. The business manager

  • C. The IT audit manager

  • D. The information security officer (ISO)

Explicação

Questão 155 de 200

1

Which of the following items is the BEST basis for determining the value of intangible assets?

Selecione uma das seguintes:

  • A. Contribution to revenue generation

  • B. A business impact analysis (BIA)

  • C. Threat assessment and analysis

  • D. Replacement costs

Explicação

Questão 156 de 200

1

Which of the following needs to be MOST seriously considered when designing a risk-based incident response management program?

Selecione uma das seguintes:

  • A. The chance of collusion among staff

  • B. Degradation of investigation quality

  • C. Minimization of false-positive alerts

  • D. Monitoring repeated low-risk events

Explicação

Questão 157 de 200

1

Which of the following is the MOST appropriate control to address compliance with specific regulatory requirements?

Selecione uma das seguintes:

  • A. Policies

  • B. Standards

  • C. Procedures

  • D. Guidelines

Explicação

Questão 158 de 200

1

What should documented standards/procedures for the use of cryptography across the enterprise achieve?

Selecione uma das seguintes:

  • A. They should define the circumstances where cryptography should be used.

  • B. They should define cryptographic algorithms and key lengths.

  • C. They should describe handling procedures of cryptographic keys.

  • D. They should establish the use of cryptographic solutions.

Explicação

Questão 159 de 200

1

A project manager is developing a developer portal and requests that the security manager assign a public IP address so that it can be accessed by in-house staff and by external consultants outside the organization's local area network (LAN). What should the security manager do FIRST?

Selecione uma das seguintes:

  • A. Understand the business requirements of the developer portal

  • B. Perform a vulnerability assessment of the developer portal

  • C. Install an intrusion detection system (IDS)

  • D. Obtain a signed nondisclosure agreement (NDA) from the external consultants before allowing external access to the server

Explicação

Questão 160 de 200

1

Which of the following BEST describes the key objective of an information security program?

Selecione uma das seguintes:

  • A. Achieve strategic business goals and objectives.

  • B. Protect information assets using manual and automated controls.

  • C. Automate information security controls.

  • D. Eliminate threats to the organization.

Explicação

Questão 161 de 200

1

Which of the following is MOST important when collecting evidence for forensic analysis?

Selecione uma das seguintes:

  • A. Ensure the assignment of qualified personnel.

  • B. Request the IT department do an image copy.

  • C. Disconnect from the network and isolate the affected devices.

  • D. Ensure law enforcement personnel are present before the forensic analysis commences.

Explicação

Questão 162 de 200

1

During a business continuity plan (BCP) test, one department discovered that its new software application was not going to be restored soon enough to meet the needs of the business. This situation can be avoided in the future by:

Selecione uma das seguintes:

  • A. conducting a periodic and event-driven business impact analysis (BIA) to determine the needs of the business during a recovery.

  • B. assigning new applications a higher degree of importance and scheduling them for recovery first.

  • C. developing a help-desk ticket process that allows departments to request recovery of software during a disaster.

  • D. conducting a thorough risk assessment prior to purchasing the software.

Explicação

Questão 163 de 200

1

What activity BEST helps ensure that contract personnel do not obtain unauthorized access to sensitive information?

Selecione uma das seguintes:

  • A. Set accounts to pre-expire

  • B. Avoid granting system administration roles

  • C. Ensure they successfully pass background checks

  • D. Ensure their access is approved by the data owner

Explicação

Questão 164 de 200

1

Which of the following is MOST important in developing a security strategy?

Selecione uma das seguintes:

  • A. Creating a positive business security environment

  • B. Understanding key business objectives

  • C. Having a reporting line to senior management

  • D. Allocating sufficient resources to information security

Explicação

Questão 165 de 200

1

What action should an incident response team take if the investigation of an incident response event cannot be completed in the time allocated?

Selecione uma das seguintes:

  • A. Continue to work the current action.

  • B. Escalate to the next level for resolution.

  • C. Skip on to the next action in the plan.

  • D. Declare a disaster.

Explicação

Questão 166 de 200

1

Who is accountable for ensuring that information is categorized and that specific protective measures are taken?

Selecione uma das seguintes:

  • A. The security officer

  • B. Senior management

  • C. The end user

  • D. The custodian

Explicação

Questão 167 de 200

1

A web-based business application is being migrated from test to production. Which of the following is the MOST important management signoff for this migration?

Selecione uma das seguintes:

  • A. User

  • B. Network

  • C. Operations

  • D. Database

Explicação

Questão 168 de 200

1

An enterprise is implementing an information security program. During which phase of the implementation should metrics be established to assess the effectiveness of the program over time?

Selecione uma das seguintes:

  • A. Testing

  • B. Initiation

  • C. Design

  • D. Development

Explicação

Questão 169 de 200

1

Systems thinking as it relates to information security is:

Selecione uma das seguintes:

  • A. a prescriptive methodology for designing the systems architecture.

  • B. an understanding that the whole is greater than the sum of its parts.

  • C. a process that ensures alignment with business objectives.

  • D. a framework for information security governance.

Explicação

Questão 170 de 200

1

Which of the following MOST effectively reduces false-positive alerts generated by a security information and event management (SIEM) process?

Selecione uma das seguintes:

  • A. Building use cases

  • B. Conducting a network traffic analysis

  • C. Performing an asset-based risk assessment

  • D. The quality of the logs

Explicação

Questão 171 de 200

1

The return on investment of information security can BEST be evaluated through which of the following?

Selecione uma das seguintes:

  • A. Support of business objectives

  • B. Security metrics

  • C. Security deliverables

  • D. Process improvement models

Explicação

Questão 172 de 200

1

Which of the following MOST commonly falls within the scope of an information security governance steering committee?

Selecione uma das seguintes:

  • A. Interviewing candidates for information security specialist positions

  • B. Developing content for security awareness programs

  • C. Prioritizing information security initiatives

  • D. Approving access to critical financial systems

Explicação

Questão 173 de 200

1

Due to limited storage media, an IT operations employee has requested permission to overwrite data stored on a magnetic tape. The decision of the authorizing manager will MOST likely be influenced by the data:

Selecione uma das seguintes:

  • A. classification policy.

  • B. retention policy.

  • C. creation policy.

  • D. leakage protection.

Explicação

Questão 174 de 200

1

Which of the following indicators is MOST likely to be of strategic value?

Selecione uma das seguintes:

  • A. Number of users with privileged access

  • B. Trends in incident frequency

  • C. Annual network downtime

  • D. Vulnerability scan results

Explicação

Questão 175 de 200

1

What is a PRIMARY characteristic of a well-established information security culture?

Selecione uma das seguintes:

  • A. Alignment of information security and business objectives

  • B. Alignment of security controls with information technology

  • C. Alignment of concurrent security strategies

  • D. Alignment of values to protect corporate assets

Explicação

Questão 176 de 200

1

Which of the following is the BEST method for ensuring that temporary employees do not receive excessive access rights?

Selecione uma das seguintes:

  • A. Mandatory access controls

  • B. Discretionary access controls

  • C. Lattice-based access controls

  • D. Role-based access controls

Explicação

Questão 177 de 200

1

When outsourcing to an offshore provider, the MOST difficult element to determine during a security review will be:

Selecione uma das seguintes:

  • A. technical competency.

  • B. incompatible culture.

  • C. defense in depth.

  • D. adequate policies.

Explicação

Questão 178 de 200

1

An internal review of a web-based application system reveals that it is possible to gain access to all employees' accounts by changing the employee's ID used for accessing the account on the URL. The vulnerability identified is:

Selecione uma das seguintes:

  • A. broken authentication.

  • B. unvalidated input.

  • C. cross-site scripting.

  • D. structured query language (SQL) injection.

Explicação

Questão 179 de 200

1

Which of the following roles is PRIMARILY responsible for determining the information classification levels for a given information asset?

Selecione uma das seguintes:

  • A. Manager

  • B. Custodian

  • C. User

  • D. Owner

Explicação

Questão 180 de 200

1

What is the FIRST action an information security manager should take when a company laptop is reported stolen?

Selecione uma das seguintes:

  • A. Evaluate the impact of the information loss

  • B. Update the corporate laptop inventory

  • C. Ensure compliance with reporting procedures

  • D. Disable the user account immediately

Explicação

Questão 181 de 200

1

Which one of the following considerations is MOST likely to be overlooked when conducting an information security review of a potential outsourcing service provider?

Selecione uma das seguintes:

  • A. Cultural differences

  • B. Technical competency

  • C. Adequate controls

  • D. Information security policies

Explicação

Questão 182 de 200

1

While implementing information security governance an organization should FIRST:

Selecione uma das seguintes:

  • A. adopt security standards.

  • B. determine security baselines.

  • C. define the security strategy.

  • D. establish security policies.

Explicação

Questão 183 de 200

1

Which of the following risk scenarios would BEST be assessed using qualitative risk assessment techniques?

Selecione uma das seguintes:

  • A. Theft of purchased software

  • B. Power outage lasting 24 hours

  • C. Permanent decline in customer confidence

  • D. Temporary loss of email services

Explicação

Questão 184 de 200

1

There is a delay between the time when a security vulnerability is first published, and the time when a patch is delivered. Which of the following should be carried out FIRST to mitigate the risk during this time period?

Selecione uma das seguintes:

  • A. Identify the vulnerable systems and apply compensating controls

  • B. Minimize the use of vulnerable systems

  • C. Communicate the vulnerability to system users

  • D. Update the signatures database of the intrusion detection system (IDS)

Explicação

Questão 185 de 200

1

Which of the following BEST indicates senior management commitment toward supporting information security?

Selecione uma das seguintes:

  • A. Assessment of risk to the assets

  • B. Approval of risk management methodology

  • C. Review of inherent risk to information assets

  • D. Review of residual risk for information assets

Explicação

Questão 186 de 200

1

Which of the following is the BEST source for determining the value of information assets?

Selecione uma das seguintes:

  • A. Individual business managers

  • B. Business systems analysts

  • C. Information security management

  • D. Industry benchmarking results

Explicação

Questão 187 de 200

1

Business objectives should be evident in the security strategy by:

Selecione uma das seguintes:

  • A. inferred connections.

  • B. standardized controls.

  • C. managed constraints.

  • D. direct traceability.

Explicação

Questão 188 de 200

1

A financial institution plans to allocate information security resources to each of its business divisions. What areas should security activities focus on?

Selecione uma das seguintes:

  • A. Areas where strict regulatory requirements apply

  • B. Areas that require the shortest recovery time objective (RTO)

  • C. Areas that can maximize return on security investment (ROSI)

  • D. Areas where threat likelihood and impact are greatest

Explicação

Questão 189 de 200

1

Which of the following gives the MOST assurance of the effectiveness of an organization's disaster recovery plan (DRP)?

Selecione uma das seguintes:

  • A. Checklist test

  • B. Tabletop exercise

  • C. Full interruption test

  • D. Simulation test

Explicação

Questão 190 de 200

1

The MOST likely reason that management would choose not to mitigate a risk that exceeds the risk appetite is that it:

Selecione uma das seguintes:

  • A. is the residual risk after controls are applied.

  • B. is a risk that is expensive to mitigate.

  • C. falls within the risk tolerance level.

  • D. is a risk of relatively low frequency.

Explicação

Questão 191 de 200

1

What is the BEST approach to manage a security incident involving a successful penetration?

Selecione uma das seguintes:

  • A. Allow business processes to continue during the response.

  • B. Allow the security team to assess the attack profile.

  • C. Permit the incident to continue to trace the source.

  • D. Examine the incident response process for deficiencies.

Explicação

Questão 192 de 200

1

Which of the following is the MOST likely outcome of a well-designed information security awareness course?

Selecione uma das seguintes:

  • A. Increased reporting of security incidents to the incident response function

  • B. Decreased reporting of security incidents to the incident response function

  • C. Decrease in the number of password resets

  • D. Increase in the number of identified system vulnerabilities

Explicação

Questão 193 de 200

1

Which of the following techniques MOST clearly indicates whether specific risk-reduction controls should be implemented?

Selecione uma das seguintes:

  • A. Cost-benefit analysis

  • B. Penetration testing

  • C. Frequent risk assessment programs

  • D. Annual loss expectancy (ALE) calculation

Explicação

Questão 194 de 200

1

Which of the following recovery strategies has the GREATEST chance of failure?

Selecione uma das seguintes:

  • A. Hot site

  • B. Redundant site

  • C. Reciprocal arrangement

  • D. Cold site

Explicação

Questão 195 de 200

1

Requiring all employees and contractors to meet personnel security/suitability requirements commensurate with their position sensitivity level and subject to personnel screening is an example of a security:

Selecione uma das seguintes:

  • A. policy.

  • B. strategy.

  • C. guideline.

  • D. baseline.

Explicação

Questão 196 de 200

1

Which of the following is MOST important to understand when developing a meaningful information security strategy?

Selecione uma das seguintes:

  • A. Regulatory environment

  • B. International security standards

  • C. Organizational risks

  • D. Organizational goals

Explicação

Questão 197 de 200

1

In a large enterprise, what makes an information security awareness program MOST effective?

Selecione uma das seguintes:

  • A. The program is developed by a professional training company.

  • B. The program is embedded into the orientation process.

  • C. The program is customized to the audience using the appropriate delivery channel.

  • D. The program is required by the information security policy.

Explicação

Questão 198 de 200

1

Which of the following controls would BEST prevent accidental system shutdown from the console or operations area?

Selecione uma das seguintes:

  • A. Redundant power supplies

  • B. Protective switch covers

  • C. Shutdown alarms

  • D. Biometric readers

Explicação

Questão 199 de 200

1

A company has installed biometric fingerprint scanners at all entrances in response to a management requirement for better access control. Due to the large number of employees coupled with a slow system response, it takes a substantial amount of time for all workers to gain access to the building and workers are increasingly piggybacking. What is the BEST course of action for the information security manager to address this issue?

Selecione uma das seguintes:

  • A. Replace the system for better response time.

  • B. Escalate the issue to management.

  • C. Revert to manual entry control procedures.

  • D. Increase compliance enforcement.

Explicação

Questão 200 de 200

1

Which of the following is the FIRST action to be taken when the information security manager notes that the controls for a critical application are inadequate?

Selecione uma das seguintes:

  • A. Perform a risk assessment to determine the level of exposure.

  • B. Classify the risk as acceptable to senior management.

  • C. Deploy additional countermeasures immediately.

  • D. Transfer the remaining risk to another organization.

Explicação