If an organization considers taking legal action on a s…
If an organization considers taking legal action on a security incident, the information security manager should
focus PRIMARILY on:
copy sample files as evidence.
During the security review of organizational servers, it was found that a file server containing confidential
human resources (HR) data was accessible to all user IDs. As a FIRST step, the security manager should:A. copy sample files as evidence.
Which of the following is the MOST important considerat…
Which of the following is the MOST important consideration for an organization interacting with the media
during a disaster?
The FIRST thing the information security manager should…
An organization has learned of a security breach at another company that utilizes similar technology. The
FIRST thing the information security manager should do is:
Which of the following processes is critical for decidi…
Which of the following processes is critical for deciding prioritization of actions in a business continuity plan?
To ensure that the tapes are properly maintained and us…
An organization keeps backup tapes of its servers at a warm site. To ensure that the tapes are properly
maintained and usable during a system crash, the MOST appropriate measure the organization should perform
is to:
Which of the following should be the immediate action o…
A serious vulnerability is reported in the firewall software used by an organization. Which of the following should
be the immediate action of the information security manager?
The BEST course of action is to:
An organization has been experiencing a number of network-based security attacks that all appear to originate
internally. The BEST course of action is to:
Which of the following BEST facilitates the correlation…
To determine how a security breach occurred on the corporate network, a security manager looks at the logs of
various devices. Which of the following BEST facilitates the correlation and review of these logs?
Which of the following is an example of a corrective co…
Which of the following is an example of a corrective control?