- (Topic 5)
SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
The CISO has implemented remediation activities. Which of the following is the MOST logical next step?
Correct Answer:A
- (Topic 1)
When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?
Correct Answer:B
- (Topic 5)
When updating the security strategic planning document what two items must be included?
Correct Answer:D
- (Topic 1)
The framework that helps to define a minimum standard of protection that business stakeholders must attempt to achieve is referred to as a standard of:
Correct Answer:B
- (Topic 2)
How often should an environment be monitored for cyber threats, risks, and exposures?
Correct Answer:D
- (Topic 4)
The process of creating a system which divides documents based on their security level to manage access to private data is known as
Correct Answer:C