What immediate action should an information security manager take?
A business unit intends to deploy a new technology in a manner that places it in violation of
existing information security standards. What immediate action should an information security
manager take?
which of the following levels do this identified risk exists?
You are the project manager in your enterprise. You have identified risk that is noticeable failure
threatening the success of certain goals of your enterprise. In which of the following levels do this
identified risk exists?
which of the following would be of GREATEST concern?
Company.com has contracted with an external consulting firm to implement a commercial financial
system to replace its existing in-house developed system. In reviewing the proposed development
approach, which of the following would be of GREATEST concern?
________is also referred to as corporate governance, and covers issues such as board structures, roles and exe
CORRECT TEXT
Fill in the blank with an appropriate word.
________is also referred to as corporate governance, and covers issues such as board structures,
roles and executive remuneration.
Acceptable levels of information security risk should be determined by:
Acceptable levels of information security risk should be determined by:
What is the primary advantage to group risks by common causes during qualitative risk analysis?
Courtney is the project manager for her organization. She is working with the project team to
complete the qualitative risk analysis for her project. During the analysis Courtney encourages the
project team to begin the grouping of identified risks by common causes. What is the primary
advantage to group risks by common causes during qualitative risk analysis?
Which of the following is a data validation edit and control?
Which of the following is a data validation edit and control?
In a public key infrastructure (PKI), the authority responsible for the identification and authentication̷
In a public key infrastructure (PKI), the authority responsible for the identification and
authentication of an applicant for a digital certificate (i.e., certificate subjects) is the:
Which of the following is NOT a sub-process of Service Portfolio Management?
Which of the following is NOT a sub-process of Service Portfolio Management?
The PRIMARY goal in developing an information security strategy is to:
The PRIMARY goal in developing an information security strategy is to: