What is the MOST cost-effective method of identifying new vendor vulnerabilities?
Which of the following is the BEST approach for improving information security management processes?
An effective way of protecting applications against Structured Query Language (SQL) injection
vulnerability is to:
The root cause of a successful cross site request forgery (XSRF) attack against an application is
that the vulnerable application:
Of the following, retention of business records should be PRIMARILY based on:
An organization is entering into an agreement with a new business partner to conduct customer
mailings. What is the MOST important action that the information security manager needs to
perform?
An organization that outsourced its payroll processing performed an independent assessment of
the security controls of the third party, per policy requirements. Which of the following is the MOST
useful requirement to include in the contract?
Which of the following is the MOST critical activity to ensure the ongoing security of outsourced IT services?
An organization’s operations staff places payment files in a shared network folder and then the
disbursement staff picks up the files for payment processing. This manual intervention will be
automated some months later, thus cost-efficient controls are sought to protect against file
alterations. Which of the following would be the BEST solution?
Which of the following BEST ensures that security risks will be reevaluated when modifications in
application developments are made?