Question #1
After obtaining commitment from senior management, which of the following should be completed NEXT when establishing an information security program?
A. Define security metrics
B. Conduct a risk assessment
C. Perform a gap analysis
D. Procure security tools
Correct answer: D
Question #2
The MOST effective way to ensure that outsourced service providers comply with the organization's information security policy would be:
A. service level monitoring
B. penetration testing
C. periodically auditing
D. security awareness training
Correct answer: A
Question #3
What does a network vulnerability assessment intend to identify?
A. 0-day vulnerabilities
B. Malicious software and spyware
C. Security design flaws
D. Misconfiguration and missing updates
Correct answer: D
Question #4
When developing an information security program, what is the MOST useful source of information for determining available resources?
A. Proficiency test
B. Job descriptions
C. Organization chart
D. Skills inventory
Correct answer: B
Question #5
Which of the following would be the MOST relevant factor when defining the information classification policy?
A. Quantity of information
B. Available IT infrastructure
C. Benchmarking
D. Requirements of data owners
Correct answer: B
Question #6
Which of the following individuals would be in the BEST position to sponsor the creation of an information security steering group?
A. Information security manager
B. Chief operating officer (COO)
C. Internal auditor
D. Legal counsel
Correct answer: B
Question #7
Which of the following would be the FIRST step in establishing an information security program?
A. Develop the security policy
B. Develop security operating procedures
C. Develop the security plan
D. Conduct a security controls study
Correct answer: A
Question #8
The IT function has declared that, when putting a new application into production, it is not necessary to update the business impact analysis (BIA) because it does not produce modifications in the business processes. The information security manager should:
A. verify the decision with the business unit
B. check the system's risk analysis
C. recommend update after post implementation review
D. request an audit review
Correct answer: C
Question #9
Obtaining senior management support for establishing a warm site can BEST be accomplished by:
A. establishing a periodic risk assessment
B. promoting regulatory requirements
C. developing a business case
D. developing effective metrics
Correct answer: D
Question #10
Minimum standards for securing the technical infrastructure should be defined in a security:
A. strategy
B. guideline
C. model
D. architecture
Correct answer: C
Question #11
Investment in security technology and processes should be based on:
A. clear alignment with the goals and objectives of the organization
B. success cases that have been experienced in previous projects
C. best business practice
D. safeguards that are inherent in existing technology
Correct answer: A
Question #12
When the computer incident response team (CIRT) finds clear evidence that a hacker has penetrated the corporate network and modified customer information, an information security manager should FIRST notify:
A. the information security steering committee
B. customers who may be impacted
C. data owners who may be impacted
D. regulatory agencies overseeing privacy
Correct answer: B
Question #13
An organization without any formal information security program that has decided to implement information security best practices should FIRST:
A. invite an external consultant to create the security strategy
B. allocate budget based on best practice
C. benchmark similar organizations
D. define high-level business security requirements
Correct answer: A
Question #14
A risk mitigation report would include recommendations for:
A. assessment
B. acceptance
C. evaluation
D. quantification
Correct answer: A
Question #15
A successful risk management program should lead to:
A. optimization of risk reduction efforts against cost
B. containment of losses to an annual budgeted amount
C. identification and removal of all man-made threats
D. elimination or transference of all organizational risk
Correct answer: A
Question #16
The MOST effective way to ensure network users are aware of their responsibilities to comply with an organization's security requirements is:
A. messages displayed at every logon
B. periodic security-related e-mail messages
C. an Intranet web site for information security
D. circulating the information security policy
Correct answer: C
Question #17
Which of the following is an advantage of a centralized information security organizational structure?
A. It is easier to promote security awareness
B. It is easier to manage and control
C. It is more responsive to business unit needs
D. It provides a faster turnaround for security requests
Correct answer: A
Question #18
When a proposed system change violates an existing security standard, the conflict would be BEST resolved by:
A. calculating the residual risk
B. enforcing the security standard
C. redesigning the system change
D. implementing mitigating controls
Correct answer: B
Question #19
Which of the following is the BEST method or technique to ensure the effective implementation of an information security program?
A. Obtain the support of the board of directors
B. Improve the content of the information security awareness program
C. Improve the employees' knowledge of security policies
D. Implement logical access controls to the information systems
Correct answer: A
Question #20
Secure customer use of an e-commerce application can BEST be accomplished through:
A. data encryption
B. digital signatures
C. strong passwords
D. two-factor authentication
Correct answer: D
