Which of the following terms describes a failure of an electric utility company to supply power within an acceptable range?

Which of the following terms describes a failure of an electric utility company to supply power within an acceptable range?
Sag
Blackout
Brownout
EMI
Explanation: The failure of an electric utility company to supply power within an acceptable range. Such a failure places a strain on electronic equipment and may limit their operational life or even cause […]

Which of the following is an environmental issue caused by electric storms or noisy electric equipment and may also cause a computer system to hang or crash?

Which of the following is an environmental issue caused by electric storms or noisy electric equipment and may also cause a computer system to hang or crash?
Sag
Blackout
Brownout
EMI
Explanation: The electromagnetic interference (EMI) caused by electrical storms or noisy electrical equipment. The interference may cause a computer system to hang or crash as well […]

Which of the following is a penetration test where the penetration tester is provided with limited or no knowledge of the target’s information systems?

Which of the following is a penetration test where the penetration tester is provided with limited or no knowledge of the target’s information systems?
External Testing
Internal Testing
Blind Testing
Targeted Testing
Explanation: Blind Testing refers to the condition of testing when the penetration tester is provided with limited or no knowledge of the target. Such […]

Which of the following functions would serve as the BEST resource to review the strategy and provide guidance for business alignment?

An information security manager is developing a new information security strategy. Which of the following functions would serve as the BEST resource to review the strategy and provide guidance for business alignment?
Internal audit
The steering committee
The legal department
The board of directors

To achieve this objective, what should be the information security manager’s FIRST initiative?

After adopting an information security framework, an information security manager is working with senior management to change the organization-wide perception that information security is solely the responsibility of the information security department. To achieve this objective, what should be the information security manager’s FIRST initiative?
Develop an operational plan providing best practices for information security […]

What should the information security manager recommend to support the development of a new web application that will allow retail customers to view inventory and order products?

What should the information security manager recommend to support the development of a new web application that will allow retail customers to view inventory and order products?
Building an access control matrix
Request customers adhere to baseline security standards
Access through a virtual private network (VPN)
Implementation of secure transmission protocols

Which of the following poses the GREATEST challenge for implementing the policy?

A multinational organization has developed a bring your own device (BYOD) policy that requires the installation of mobile device management (MDM) software on personally owned devices. Which of the following poses the GREATEST challenge for implementing the policy?
Varying employee data privacy rights
Translation and communication of policy
Differences in mobile OS platforms
Differences in […]

Which of the following is the BEST course of action for the information security manager to support this initiative?

An organization plans to leverage popular social network platforms to promote its products and services. Which of the following is the BEST course of action for the information security manager to support this initiative?
Develop security controls for the use of social networks
Assess the security risk associated with the use of social networks
Establish […]

Which of the following is the information security manager’s PRIMARY role in the information assets classification process?

Which of the following is the information security manager’s PRIMARY role in the information assets classification process?
Assigning asset ownership
Assigning the asset classification level
Securing assets in accordance with their classification
Developing an asset classification model

When creating an incident response plan, the PRIMARY benefit of establishing a clear definition of a security incident is that it helps to:

When creating an incident response plan, the PRIMARY benefit of establishing a clear definition of a security incident is that it helps to:
communicate the incident response process to stakeholders
develop effective escalation and response procedures
make tabletop testing more effective
adequately staff and train incident response teams

Which of the following BEST provides message integrity, sender identity authentication and nonrepudiation?

Which of the following BEST provides message integrity, sender identity authentication and nonrepudiation?
Symmetric cryptography
Public key infrastructure (PKI)
Message hashing
Message authentication code
Explanation: Public key infrastructure (PKI) combines public key encryption with a trusted third party to publish and revoke digital certificates that contain the public key of the sender. Senders can digitally […]

It is important to develop an information security baseline because it helps to define:

It is important to develop an information security baseline because it helps to define:
critical information resources needing protection.
a security policy for the entire organization.
the minimum acceptable security to be implemented.
required physical and logical access controls.
Explanation: Developing an information security baseline helps to define the minimum acceptable security that will be […]

Which of the following is the MOST relevant metric to include in an information security quarterly report to the executive committee?

Which of the following is the MOST relevant metric to include in an information security quarterly report to the executive committee?
Security compliant servers trend report
Percentage of security compliant servers
Number of security patches applied
Security patches applied trend report
Explanation: The percentage of compliant servers will be a relevant indicator of the risk […]

When a user employs a client-side digital certificate to authenticate to a web server through Secure Socket Layer (SSL), confidentiality is MOST vulnerable to which of the following?

When a user employs a client-side digital certificate to authenticate to a web server through Secure Socket Layer (SSL), confidentiality is MOST vulnerable to which of the following?
IP spoofing
Man-in-the-middle attack
Repudiation
Trojan
Explanation: A Trojan is a program that gives the attacker full control over the infected computer, thus allowing the attacker to […]

Which of the following describes a penetration test where you attack and attempt to circumvent the controls of the targeted network from the outside, usually the Internet?

There are several types of penetration tests depending upon the scope, objective and nature of a test. Which of the following describes a penetration test where you attack and attempt to circumvent the controls of the targeted network from the outside, usually the Internet?
External Testing
Internal Testing
Blind Testing
Targeted Testing
Explanation: External testing […]