When an organization is setting up a relationship with a third-party IT service provider, which of the following is one of the MOST important topics to include in the contract from a security standpoint?

An information security strategy document that includes specific links to an organization’s business activities is PRIMARILY an indicator of:

Which of the following processes is critical for deciding prioritization of actions in a business continuity plan?

An organization keeps backup tapes of its servers at a warm site. To ensure that the tapes are properly maintained and usable during a system crash, the MOST appropriate measure the organization should perform is to:

A database was compromised by guessing the password for a shared administrative account and confidential customer information was stolen. The information security manager was able to detect this breach by analyzing which of the following?

What is the BEST method for mitigating against network denial of service (DoS) attacks?

A root kit was used to capture detailed accounts receivable information. To ensure admissibility of evidence from a legal standpoint, once the incident was identified and the server isolated, the next step should be to:

A customer credit card database has been breached by hackers. The FIRST step in dealing with this attack should be to:

Which of the following situations would be the MOST concern to a security manager?

Which of the following provides the BEST confirmation that the business continuity/disaster recovery plan objectives have been achieved?