Question 79

- (Topic 5)
SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
The CISO has implemented remediation activities. Which of the following is the MOST logical next step?

Correct Answer:A

Question 80

- (Topic 1)
When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?

Correct Answer:B

Question 81

- (Topic 5)
When updating the security strategic planning document what two items must be included?

Correct Answer:D

Question 82

- (Topic 1)
The framework that helps to define a minimum standard of protection that business stakeholders must attempt to achieve is referred to as a standard of:

Correct Answer:B

Question 83

- (Topic 2)
How often should an environment be monitored for cyber threats, risks, and exposures?

Correct Answer:D

Question 84

- (Topic 4)
The process of creating a system which divides documents based on their security level to manage access to private data is known as

Correct Answer:C

START 712-50 EXAM