Several business units reported problems with their systems after multiple security patches were
deployed. The FIRST step in handling this problem would be to:

When defining a service level agreement (SLA) regarding the level of data confidentiality that is
handled by a third-party service provider, the BEST indicator of compliance would be the:

The PRIMARY reason for involving information security at each stage in the systems development
life cycle (SDLC) is to identify the security implications and potential solutions required for:

The implementation of continuous monitoring controls is the BEST option where:

A third party was engaged to develop a business application. Which of the following would an
information security manager BEST test for the existence of back doors?

An information security manager reviewing firewall rules will be MOST concerned if the firewall
allows:

What is the MOS T cost-effective means of improving security awareness of staff personnel?

Which of the following is the MOST effective at preventing an unauthorized individual from
following an authorized person through a secured entrance (tailgating or piggybacking)?

Data owners will determine what access and authorizations users will have by:

Which of the following is the MOST likely outcome of a well-designed information security
awareness course?