Which program element should be implemented FIRST in asset classification and control?

The criticality and sensitivity of information assets is determined on the basis of:

After a risk assessment study, a bank with global operations decided to continue doing business in certain
regions of the world where identity theft is rampant. The information security manager should encourage the
business to:

Because of its importance to the business, an organization wants to quickly implement a technical solution
which deviates from the company’s policies. An information security manager should:

Which of the following measures would be MOST effective against insider threats to confidential information?

A company’s mail server allows anonymous file transfer protocol (FTP) access which could be exploited. What
process should the information security manager deploy to determine the necessity for remedial action?

What is the BEST technique to determine which security controls to implement with a limited budget?

A company recently developed a breakthrough technology. Since this technology could give this company a
significant competitive edge, which of the following would FIRST govern how this information is to be
protected?

Which of the following would BEST address the risk of data leakage?

Attackers who exploit cross-site scripting vulnerabilities take advantage of: