Question: 1
Which of the following should be the PRIMARY goal of an information security manager when designing information security policies?
Question: 2
Of the following, who should the security manager consult FIRST when determining the severity level of a security incident involving a third-party vendor?
Question: 3
An organization's information security manager is performing a post-incident review of a security incident in which the following events occurred:
* A bad actor broke into a business-critical FTP server by brute forcing an administrative password
* The third-party service provider hosting the server sent an automated alert message to the help desk, but was ignored
* The bad actor could not access the administrator console, but was exposed to encrypted data transferred to the server
* After three (3) hours, the bad actor deleted the FTP directory, causing incoming FTP attempts by legitimate customers to fail
Which of the following could have been prevented by conducting regular incident response testing?
Question: 4
Which of the following is the MOST effective way to prevent information security incidents?
Question: 5
An information security manager wants to implement a security information and event management (SIEM) system that will aggregate log data from all systems that control perimeter access. Which of the following would BEST support the business case for this initiative to senior management?
