The FIRST step in managing the risk of a cyber attack is to:

Which of the following is the MOST effective method for dealing with the spreading of a network
worm that exploits vulnerability in a protocol?

The PRIMARY objective of performing a postincident review is that it presents an opportunity to:

The computer security incident response team (CSIRT) of an organization disseminates detailed
descriptions of recent threats. An IS auditor’s GREATEST concern should be that the users might:

The MAIN criterion for determining the severity level of a service disruption incident is:

Which of the following would be an indicator of the effectiveness of a computer security incident
response team?

An IS auditor evaluating the resilience of a high-availability network should be MOST concerned if:

Which of the following network components is PRIMARILY set up to serve as a security measure by
preventing unauthorized traffic between different segments of the network?

A company is implementing a dynamic host configuration protocol (DHCP). Given that the following
conditions exist, which represents the GREATEST concern?

An IS auditor is performing a network security review of a telecom company that provides Internet
connection services to shopping malls for their wireless customers. The company uses Wireless
Transport Layer Security (WTLS) and Secure Sockets Layer (SSL) technology for protecting their
customer’s payment information. The IS auditor should be MOST concerned if a hacker: