According to ISO 27001, of the steps for establishing an Information Security Governance program listed below, which comes first?
A global health insurance company is concerned about protecting confidential information. Which of the following is of MOST concern to this organization?
ABC Limited has recently suffered a security breach with customers’ social security number available on the dark web for sale. The CISO, during the time of the incident, has been fired, and you have been hired as the replacement. The analysis of the breach found that the absence of an insider threat program, lack of least privilege policy, and weak access control was to blame. You would like to implement key performance indicators to mitigate the risk.
Which metric would meet the requirement?
The Board of Directors of a publicly-traded company is concerned about the security implications of a strategic project that will migrate 50% of the organization’s information technology assets to the cloud. They have requested a briefing on the project plan and a progress report of the security stream of the project. As the CISO, you have been tasked with preparing the report for the Chief Executive Officer to present.
Using the Earned Value Management (EVM), what does a Cost Variance (CV) of -1,200 mean?
What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
When performing a forensic investigation, what are the two MOST common data sources for obtaining evidence from a computer and mobile devices?
When obtaining new products and services, why is it essential to collaborate with lawyers, IT security professionals, privacy professionals, security engineers, suppliers, and others?
An organization recently acquired a Data Loss Prevention (DLP) solution, and two months after the implementation, it was found that sensitive data was posted to numerous Dark Web sites. The DLP application was checked, and there are no apparent malfunctions and no errors.
What is the MOST likely reason why the sensitive data was posted?
A cloud computing environment that is bound together by technology that allows data and applications to be shared between public and private clouds is BEST referred to as a?
XYZ is a publicly-traded software development company.
Who is ultimately accountable to the shareholders in the event of a cybersecurity breach?
As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audits activity.
The performance quality audit activity is done in what project management process group?
From the CISO’s perspective in looking at financial statements, the statement of retained earnings of an organization:
Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network. Which is the single most important factor to introducing digital evidence into a court of law?
What is the FIRST step in developing the vulnerability management program?
Which of the following is a countermeasure to prevent unauthorized database access from web applications?
An access point (AP) is discovered using Wireless Equivalent Protocol (WEP). The ciphertext sent by the AP is encrypted with the same key and cipher used by its stations. What authentication method is being used?
Physical security measures typically include which of the following components?
What type of attack requires the least amount of technical equipment and has the highest success rate?
One of your executives needs to send an important and confidential email. You want to ensure that the message cannot be read by anyone but the recipient. Which of the following keys should be used to encrypt the message?
Which of the following statements about Encapsulating Security Payload (ESP) is true?
Security related breaches are assessed and contained through which of the following?
In terms of supporting a forensic investigation, it is now imperative that managers, first-responders, etc., accomplish the following actions to the computer under investigation:
Which of the following is the MAIN security concern for public cloud computing?
Scenario: You are the CISO and are required to brief the C-level executive team on your information security audit for the year. During your review of the audit findings you discover that many of the controls that were put in place the previous year to correct some of the findings are not performing as needed. You have thirty days until the briefing.
To formulate a remediation plan for the non-performing controls what other document do you need to review before adjusting the controls?
Which of the following conditions would be the MOST probable reason for a security project to be rejected by the executive board of an organization?
Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.
The CISO has been able to implement a number of technical controls and is able to influence the Information Technology teams but has not been able to influence the rest of the organization. From an organizational perspective, which of the following is the LIKELY reason for this?
Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.
Your defenses did not hold up to the test as originally thought. As you investigate how the data was compromised through log analysis you discover that a hardworking, but misguided business intelligence analyst posted the data to an obfuscated URL on a popular cloud storage service so they could work on it from home during their off-time. Which technology or solution could you deploy to prevent employees from removing corporate data from your network? Choose the BEST answer.
Michael starts a new job and discovers that he has unnecessary access to a variety of systems. Which of the
following best describes the problem he has encountered?
Scenario: Most industries require compliance with multiple government regulations and/or industry standards to meet data protection and privacy mandates.
What is one proven method to account for common elements found within separate regulations and/or standards?
During the last decade, what trend has caused the MOST serious issues in relation to physical security?
What is one key difference between Capital expenditures and Operating expenditures?
Which of the following is MOST useful when developing a business case for security initiatives?
Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and
uses the special card in order to access the restricted area of the target company. Just as the employee opens
the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so
that he can enter. What is the best way to undermine the social engineering activity of tailgating?
You are just hired as the new CISO and are being briefed on all the Information Security projects that your section has on going. You discover that most projects are behind schedule and over budget.
Using the best business practices for project management you determine that the project correctly aligns with the company goals and the scope of the project is correct. What is the NEXT step?
The MOST common method to get an unbiased measurement of the effectiveness of an Information Security Management System (ISMS) is to
Which of the following is considered to be an IT governance framework and a supporting toolset that allows for managers to bridge the gap between control requirements, technical issues, and business risks?
Assigning the role and responsibility of Information Assurance to a dedicated and independent security group is an example of:
Creating good security metrics is essential for a CISO. What would be the BEST sources for creating security metrics for baseline defenses coverage?
You work as a project manager for TYU project. You are planning for risk mitigation. You need to quickly identify high-level risks that will need a more in-depth analysis. Which of the following activities will help you in this?
To have accurate and effective information security policies how often should the CISO review the organization policies?
A recent audit has identified a few control exceptions and is recommending the implementation of technology and processes to address the finding. Which of the following is the MOST likely reason for the organization to reject the implementation of the recommended technology and processes?
Which of the following are primary concerns for management with regard to assessing internal control objectives?
When working in the Payment Card Industry (PCI), how often should security logs be review to comply with the standards?
Creating a secondary authentication process for network access would be an example of?
Creating a secondary authentication process for network access would be an example of?
What should an organization do to ensure that they have a sound Business Continuity (BC) Plan?
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?
Risk appetite directly affects what part of a vulnerability management program?
Which of the following is the MOST important for a CISO to understand when identifying threats?
You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the
A system was hardened at the Operating System level and placed into the production environment. Months later an audit was performed and it identified insecure configuration different from the original hardened state. Which of the following security issues is the MOST likely reason leading to the audit findings?
You manage a newly created Security Operations Center (SOC), your team is being inundated with security alerts and don’t know what to do. What is the BEST approach to handle this situation?
A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?
Which of the following is the MOST important component of any change management process?
When entering into a third party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?
Which of the following is considered one of the most frequent failures in project management?