Which of the following would raise security awareness among an organization’s employees?

An organization plans to outsource its customer relationship management (CRM) to a third-party service
provider. Which of the following should the organization do FIRST?

A new port needs to be opened in a perimeter firewall. Which of the following should be the FIRST step before
initiating any changes?

Which of the following is the MAIN objective in contracting with an external company to perform penetration
testing?

An organization plans to contract with an outside service provider to host its corporate web site. The MOST
important concern for the information security manager is to ensure that:

An organization has implemented an enterprise resource planning (ERP) system used by 500 employees from
various departments. Which of the following access control approaches is MOST appropriate?

The management staff of an organization that does not have a dedicated security function decides to use its IT
manager to perform a security review. The MAIN job requirement in this arrangement is that the IT manager

A critical component of a continuous improvement program for information security is:

Which item would be the BEST to include in the information security awareness training program for new
general staff employees?

Which of the following is the MOST likely outcome of a well-designed information security awareness course?