Question: 1
An organization implements a data loss prevention tool as a control to mitigate the risk of sensitive data leaving the organization via electronic mail. Which of the following would provide the BEST indication of adequate control design?
Question: 2
During a vulnerability assessment, an IS auditor finds a high-risk vulnerability in a public-facing web server used to process online customer orders via credit card. The IS auditor could FIRST:
Question: 3
Which of the following is MOST important for the improvement of an organization's incident response processes
Question: 4
A complex IS environment which of the following tasks should be performed by the data owner?
Question: 5
Which of the following should be an IS auditor's PRIMARY consideration when evaluating the development and design of a privacy program?