An organization’s information security strategy should be based on:

An IS manager has decided to implement a security system to monitor access to the Internet and prevent access to numerous sites. Immediately upon installation, employees Hood the IT helpdesk with complaints of being unable to perform business functions on Internet sites. This is an example of:

The FIRST step in establishing a security governance program is to:

The BEST way to justify the implementation of a single sign-on (SSO) product is to use:

Which of the following would help to change an organization’s security culture?

Which of the following is an advantage of a centralized information security organizational structure?

Which of the following is MOST important to understand when developing a meaningful information security
strategy?

The MOST complete business case for security solutions is one that.

Which of the following BEST contributes to the development of a security governance framework that supports
the maturity model concept?

Which of the following would be MOST helpful to achieve alignment between information security and
organization objectives?