Which of the following backup methods requires the MOST time to restore data for an application?
Which of the following is MOST important to have in place as a basis for developing an effective information security program that supports the organization's business goals?
Which of the following is the BEST indication ofa successful information security culture?
Which of the following would be MOST useful to a newly hired information security manager who has been tasked with developing and implementing an information security strategy?
Which of the following is the MOST critical factor for information security program success?
Which of the following is MOST important to ensure when developing escalation procedures for an incident response plan?
Which of the following will provide the MOST guidance when deciding the level of protection for an information asset?
An organization permits the storage and use of its critical and sensitive information on employee-owned smartphones. Which of the following is the BEST security control?
An incident response team has been assembled from a group of experienced individuals, Which type of exercise would be MOST beneficial for the team at the first drill?
Which of the following is the BEST indicator of an organization's information security status?
Which of the following should be done FIRST when establishing a new data protection program that must comply with applicable data privacy regulations?
Which of the following is BEST to include in a business case when the return on investment (ROI) for an information security initiative is difficult to calculate?
In an organization with a rapidly changing environment, business management has accepted an information security risk. It is MOST important for the information security manager to ensure:
Which of the following is the BEST approach to make strategic information security decisions?
Which of the following is MOST important for an information security manager to verify when selecting a third-party forensics provider?
When remote access to confidential information is granted to a vendor for analytic purposes, which of the following is the MOST important security consideration?
Which of the following sources is MOST useful when planning a business-aligned information security program?
An organization is aligning its incident response capability with a public cloud service provider. What should be the information security manager's FIRST course of action?
Which of the following is the MOST important consideration when determining which type of failover site to employ?
Data entry functions for a web-based application have been outsourced to a third-party service provider who will work from a remote site Which of the following issues would be of GREATEST concern to an information security manager?
Which of the following is the BEST approach when creating a security policy for a global organization subject to varying laws and regulations?
An organization's security policy is to disable access to USB storage devices on laptops and desktops. Which of the following is the STRONGEST justification for granting an exception to the policy?
An organization's HR department requires that employee account privileges be removed from all corporate IT systems within three days of termination to comply with a government regulation However, the systems all have different user directories, and it currently takes up to four weeks to remove the privileges Which of the following would BEST enable regulatory compliance?
IT projects have gone over budget with too many security controls being added post-production. Which of the following would MOST help to ensure that relevant controls are applied to a project?
Which of the following is MOST critical when creating an incident response plan?
Which is the BEST method to evaluate the effectiveness of an alternate processing site when continuous uptime is required?
The MOST important element in achieving executive commitment to an information security governance program is:
Which of the following should an information security manager do FIRST upon learning that some security hardening settings may negatively impact future business activity?
Which of the following change management procedures is MOST likely to cause concern to the information security manager?
An organization has identified an increased threat of external brute force attacks in its environment. Which of the following is the MOST effective way to mitigate this risk to the organization's critical systems?
An organization is planning to outsource the execution of its disaster recovery activities. Which of the following would be MOST important to include in the outsourcing agreement?
Which of the following is the BEST way to ensure the organization's security objectives are embedded in business operations?
Which of the following activities is designed to handle a control failure that leads to a breach?
During which of the following phases should an incident response team document actions required to remove the threat that caused the incident?
In order to understand an organization's security posture, it is MOST important for an organization's senior leadership to:
An information security manager learns of a new standard related to an emerging technology the organization wants to implement. Which of the following should the information security manager recommend be done FIRST?
When designing a disaster recovery plan (DRP), which of the following MUST be available in order to prioritize system restoration?
Which of the following is the PRIMARY responsibility of an information security manager in an organization that is implementing the use of company-owned mobile devices in its operations?
Which of the following factors has the GREATEST influence on the successful implementation of information security strategy goals?
Which of the following BEST enables an organization to transform its culture to support information security?
Which of the following is the BEST approach for managing user access permissions to ensure alignment with data classification?