Question: 1
Which of the following would BEST indicate the effectiveness of a security awareness training program?
Question: 2
To help ensure the organization s information assets are adequately protected, which of the following considerations is MOST important when developing an information classification and handling policy?
Question: 3
An IS auditor conducting audit follow-up activities learns that some previously agreed-upon corrective actions have not been taken and that the associated risk has been accepted by senior management. If the auditor disagrees with management s decision what is the BEST way to address the situation?
Question: 4
An organization has software that is not compliant with data protection requirements. To help ensure that appropriate and relevant data protection controls are implemented in the future, the auditor s BEST course of action would be to:
Question: 5
Which of the following is BEST addressed when using a timestamp within a digital signature to deliver sensitive financial information?