Question: 1
When an organization lacks internal expertise to conduct highly technical forensics investigations, what is the BEST way to ensure effective and timely investigations following an information security incident?
Question: 2
An information security manager has determined that the mean time to prioritize information security incidents has increased to an unacceptable level. Which of the following processes would BEST enable the information security manager to address this concern?
A. Forensic analysis
B. Incident response
Question: 3
Which of the following trends BEST indicates that the maturity level of an information security program is improving?
Question: 4
Which of the following should an information security manager do FIRST upon learning that a data loss prevention (DLP) scanner has identified payment card information (PCI) stored in cleartext within accounting file shares?
Question: 5
An organization rolled out information security awareness training and wants to perform an end-ot-year assessment to determine the program's success. Which of the following would be the BEST indicator of the program's effectiveness?