In order for a security policy to be effective within an organization, it MUST include

Which of the following roles has the obligation to ensure that a third party provider is capable of
processing and handling data in a secure manner and meeting the standards set by the organization?

To protect auditable information, which of the following MUST be configured to only allow read
access?

What type of encryption is used to protect sensitive data in transit over a network?

Which of the following entities is ultimately accountable for data remanence vulnerabilities with
data replicated by a cloud service provider?

Which of the following is a recommended alternative to an integrated email encryption system?

In the Open System Interconnection (OSI) model, which layer is responsible for the transmission of
binary data over a communications network?

What is the PRIMARY goal for using Domain Name System Security Extensions (DNSSEC) to sign
records?

While inventorying storage equipment, it is found that there are unlabeled, disconnected, and
powered off devices. Which of the following is the correct procedure for handling such equipment?

The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it