Which item would be the BEST to include in the information security awareness training program
for new general staff employees?

A critical component of a continuous improvement program for information security is:

The management staff of an organization that does not have a dedicated security function decides
to use its IT manager to perform a security review. The MAIN job requirement in this arrangement
is that the IT manager

An organization has implemented an enterprise resource planning (ERP) system used by 500
employees from various departments. Which of the following access control approaches is MOST
appropriate?

An organization plans to contract with an outside service provider to host its corporate web site.
The MOST important concern for the information security manager is to ensure that:

Which of the following is the MAIN objective in contracting with an external company to perform
penetration testing?

A new port needs to be opened in a perimeter firewall. Which of the following should be the FIRST
step before initiating any changes?

An organization plans to outsource its customer relationship management (CRM) to a third-party
service provider. Which of the following should the organization do FIRST?

Which of the following would raise security awareness among an organization’s employees?

Which of the following is the MOST appropriate method of ensuring password strength in a large
organization?