Question #1
When performing a qualitative risk analysis, which of the following will BEST produce reliable results?
A. Estimated productivity losses
B. Possible scenarios with threats and impacts
C. Value of information assets
D. Vulnerability assessment
Correct answer: C
Question #2
Which of the following types of information would the information security manager expect to have the LOWEST level of security protection in a large, multinational enterprise?
A. Strategic business plan
B. Upcoming financial results
C. Customer personal information
D. Previous financial results
Correct answer: B
Question #3
An information security manager is advised by contacts in law enforcement that there is evidence that his/her company is being targeted by a skilled gang of hackers known to use a variety of techniques, including social engineering and network penetration. The FIRST step that the security manager should take is to:
A. perform a comprehensive assessment of the organization's exposure to the hacker's technique
B. initiate awareness training to counter social engineering
C. immediately advise senior management of the elevated risk
D. increase monitoring activities to provide early detection of intrusion
Correct answer: D
Question #4
Who is responsible for ensuring that information is classified?
A. Senior management
B. Security manager
C. Data owner
D. Custodian
Correct answer: D
Question #5
An information security manager at a global organization that is subject to regulation by multiple governmental jurisdictions with differing requirements should:
A. bring all locations into conformity with the aggregate requirements of all governmental jurisdictions
B. establish baseline standards for all locations and add supplemental standards as required
C. bring all locations into conformity with a generally accepted set of industry best practices
D. establish a baseline standard incorporating those requirements that all jurisdictions have in common
Correct answer: B
Question #6
Which of the following is the MAIN reason for performing risk assessment on a continuous basis?
A. Justification of the security budget must be continually made
B. New vulnerabilities are discovered every day
C. The risk environment is constantly changing
D. Management needs to be continually informed about emerging risk
Correct answer: D
Question #7
Which of the following techniques MOST clearly indicates whether specific risk-reduction controls should be implemented?
A. Countermeasure cost-benefit analysis
B. Penetration testing
C. Frequent risk assessment programs
D. Annual loss expectancy (ALE) calculation
Correct answer: D
Question #8
Which of the following would be MOST relevant to include in a cost-benefit analysis of a two-factor authentication system?
A. Annual loss expectancy (ALE) of incidents
B. Frequency of incidents
C. Total cost of ownership (TCO)
D. Approved budget for the project
Correct answer: D
Question #9
The systems administrator did not immediately notify the security officer about a malicious attack. An information security manager could prevent this situation by:
A. periodically testing the incident response plan
B. regularly testing the intrusion detection system (IDS)
C. establishing mandatory training of all personnel
D. periodically reviewing incident response procedures
Correct answer: C
Question #10
Which of the following is the MOST appropriate use of gap analysis?
A. Evaluating a business impact analysis (BIA)
B. Developing a balanced business scorecard
C. Demonstrating the relationship between controls
D. Measuring current state vs. desired future state
Correct answer: A
Question #11
When a security standard conflicts with a business objective, the situation should be resolved by:
A. changing the security standard
B. changing the business objective
C. performing a risk analysis
D. authorizing a risk acceptance
Correct answer: C
Question #12
Which of the following would be the BEST metric for the IT risk management process?
A. Number of risk management action plans
B. Percentage of critical assets with budgeted remedial
C. Percentage of unresolved risk exposures
D. Number of security incidents identified
Correct answer: A
Question #13
Which of the following is MOST important to the success of an information security program?
A. Security awareness training
B. Achievable goals and objectives
C. Senior management sponsorship
D. Adequate start-up budget and staffing
Correct answer: A
Question #14
The MOST important component of a privacy policy is:
A. notification
B. warranties
C. liabilities
D. geographic coverage
Correct answer: A
Question #15
Which of the following represents the MAJOR focus of privacy regulations?
A. Unrestricted data mining
B. Identity theft
C. Human rights protection
D. Identifiable personal data
Correct answer: D
Question #16
To achieve effective strategic alignment of security initiatives, it is important that:
A. Steering committee leadership be selected by rotation
B. Inputs be obtained and consensus achieved between the major organizational units
C. The business strategy be updated periodically
D. Procedures and standards be approved by all departmental heads
Correct answer: B
Question #17
A company's mail server allows anonymous file transfer protocol (FTP) access which could be exploited. What process should the information security manager deploy to determine the necessity for remedial action?
A. A penetration test
B. A security baseline review
C. A risk assessment
D. A business impact analysis (BIA)
Correct answer: B
Question #18
In assessing the degree to which an organization may be affected by new privacy legislation, information security management should FIRST:
A. develop an operational plan for achieving compliance with the legislation
B. identify systems and processes that contain privacy components
C. restrict the collection of personal information until compliant
D. identify privacy legislation in other countries that may contain similar requirements
Correct answer: C
Question #19
Data owners must provide a safe and secure environment to ensure confidentiality, integrity and availability of the transaction. This is an example of an information security:
A. baseline
B. strategy
C. procedure
D. policy
Correct answer: D
Question #20
When implementing security controls, an information security manager must PRIMARILY focus on:
A. minimizing operational impact
B. eliminating all vulnerabilities
C. usage by similar organizations
D. certification from a third party
Correct answer: B
