Which of the following placed requirements of federal government agencies to conduct securityrelated training, to identify sensitive systems, and to develop a security plan for those sensitive
systems?

What is the primary goal of incident handling?

Which one of the following is NOT a factor to consider when establishing a core incident response
team?

Which of the following specifically addresses cyber attacks against an organization’s IT systems?

When should a post-mortem review meeting be held after an intrusion has been properly taken

-care of?

During a review of system logs of the enterprise, a security manager discovers that a colleague
working on an exercise ran a job to collect confidential information on the company’s clients. The
colleague who ran the job has since left the company to work for a competitor. Based on the (ISC)
Code of Ethics, which one of the following statements is MOST correct?
The manager should call the colleague and explain what has been discovered.
The manager should then ask for the return of the information in exchange for silence.

In what way could the use of “cookies” violate a person’s privacy?

Which of the following is the BEST way to prevent software license violations?

The ISC2 Code of Ethics does not include which of the following behaviors for a CISSP:

Where can the phrase “Discourage unsafe practice” be found?