The MOST important reason for formally documenting security procedures is to ensure:

Which of the following is the BEST approach for an organization desiring to protect its intellectual
property?

The “separation of duties” principle is violated if which of the following individuals has update
rights to the database access control list (ACL)?

An account with full administrative privileges over a production file is found to be accessible by a
member of the software development team. This account was set up to allow the developer to
download nonsensitive production data for software testing purposes. The information security
manager should recommend which of the following?

Which would be the BEST recommendation to protect against phishing attacks?

Which of the following is the BEST indicator that an effective security control is built into an
organization?

What is the BEST way to alleviate security team understaffing while retaining the capability inhouse?

An information security manager wishing to establish security baselines would:

Requiring all employees and contractors to meet personnel security/suitability requirements
commensurate with their position sensitivity level and subject to personnel screening is an
example of a security:

An organization’s information security manager has been asked to hire a consultant to help assess
the maturity level of the organization’s information security management. The MOST important
element of the request for proposal (RI P) is the: