{"id":39050,"date":"2022-05-30T01:12:53","date_gmt":"2022-05-30T01:12:53","guid":{"rendered":"https:\/\/www.dumpsbase.com\/freedumps\/?p=39050"},"modified":"2025-09-22T06:39:29","modified_gmt":"2025-09-22T06:39:29","slug":"updated-isaca-cism-dumps-v11-02-2022-for-certified-information-security-manager-certification-exam","status":"publish","type":"post","link":"https:\/\/www.dumpsbase.com\/freedumps\/updated-isaca-cism-dumps-v11-02-2022-for-certified-information-security-manager-certification-exam.html","title":{"rendered":"Updated ISACA CISM Dumps V11.02 [2022] For Certified Information Security Manager Certification Exam"},"content":{"rendered":"\r\n<p>To all new and old customers, the most updated ISACA CISM dumps V11.02 of DumpsBase are available for Certified Information Security Manager certification exam. The professional team has created 1507 real questions to help candidates prepare for CISM certification exam well, also all the answers of ISACA CISM dumps have been verified as the correct items for preparation. Coming to DumpsBase for updated ISACA CISM dumps V11.02 is highly recommended to your preparation of Certified Information Security Manager certification exam.<\/p>\r\n<h2>Read <em><span style=\"background-color: #33cccc;\">CISM Free Dumps<\/span><\/em> First To Check The Updated CISM Dumps<\/h2>\r\n<script>\n\t  window.fbAsyncInit = function() {\n\t    FB.init({\n\t      appId            : '622169541470367',\n\t      autoLogAppEvents : true,\n\t      xfbml            : true,\n\t      version          : 'v3.1'\n\t    });\n\t  };\n\t\n\t  (function(d, s, id){\n\t     var js, fjs = d.getElementsByTagName(s)[0];\n\t     if (d.getElementById(id)) {return;}\n\t     js = d.createElement(s); js.id = id;\n\t     js.src = \"https:\/\/connect.facebook.net\/en_US\/sdk.js\";\n\t     fjs.parentNode.insertBefore(js, fjs);\n\t   }(document, 'script', 'facebook-jssdk'));\n\t<\/script><script type=\"text\/javascript\" >\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \nif(!window.jQuery) alert(\"The important jQuery library is not properly loaded in your site. Your WordPress theme is probably missing the essential wp_head() call. You can switch to another theme and you will see that the plugin works fine and this notice disappears. If you are still not sure what to do you can contact us for help.\");\n});\n<\/script>  \n  \n<div  id=\"watupro_quiz\" class=\"quiz-area single-page-quiz\">\n<p id=\"submittingExam6289\" style=\"display:none;text-align:center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\"><\/p>\n\n<div class=\"watupro-exam-description\" id=\"description-quiz-6289\"><\/div>\n\n<form action=\"\" method=\"post\" class=\"quiz-form\" id=\"quiz-6289\"  enctype=\"multipart\/form-data\" >\n<div class='watu-question ' id='question-1' style=';'><div id='questionWrap-1'  class='   watupro-question-id-219872'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>1. <\/span>Which of the following MOST effectively prevents internal users from modifying sensitive data?<\/div><input type='hidden' name='question_id[]' id='qID_1' value='219872' \/><input type='hidden' id='answerType219872' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219872[]' id='answer-id-875855' class='answer   answerof-219872 ' value='875855'   \/><label for='answer-id-875855' id='answer-label-875855' class=' answer'><span>Network segmentation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219872[]' id='answer-id-875856' class='answer   answerof-219872 ' value='875856'   \/><label for='answer-id-875856' id='answer-label-875856' class=' answer'><span>Role-based access controls<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219872[]' id='answer-id-875857' class='answer   answerof-219872 ' value='875857'   \/><label for='answer-id-875857' id='answer-label-875857' class=' answer'><span>Multi-factor authentication -<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219872[]' id='answer-id-875858' class='answer   answerof-219872 ' value='875858'   \/><label for='answer-id-875858' id='answer-label-875858' class=' answer'><span>Acceptable use policies<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-2' style=';'><div id='questionWrap-2'  class='   watupro-question-id-219873'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>2. <\/span>A contract bid is digitally signed and electronically mailed The PRIMARY advantage to using a digital signature is that<\/div><input type='hidden' name='question_id[]' id='qID_2' value='219873' \/><input type='hidden' id='answerType219873' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219873[]' id='answer-id-875859' class='answer   answerof-219873 ' value='875859'   \/><label for='answer-id-875859' id='answer-label-875859' class=' answer'><span>any alteration of the bid will invalidate the signature.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219873[]' id='answer-id-875860' class='answer   answerof-219873 ' value='875860'   \/><label for='answer-id-875860' id='answer-label-875860' class=' answer'><span>the signature can be authenticated even if no encryption is used,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219873[]' id='answer-id-875861' class='answer   answerof-219873 ' value='875861'   \/><label for='answer-id-875861' id='answer-label-875861' class=' answer'><span>the bid cannot be forged even if the keys are compromised.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219873[]' id='answer-id-875862' class='answer   answerof-219873 ' value='875862'   \/><label for='answer-id-875862' id='answer-label-875862' class=' answer'><span>the bid and the signature can be copied from one document to another<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-3' style=';'><div id='questionWrap-3'  class='   watupro-question-id-219874'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>3. <\/span>Which of the following would be of GREATEST concern to an information security manager when evaluating a cloud service provider (CSP)?<\/div><input type='hidden' name='question_id[]' id='qID_3' value='219874' \/><input type='hidden' id='answerType219874' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219874[]' id='answer-id-875863' class='answer   answerof-219874 ' value='875863'   \/><label for='answer-id-875863' id='answer-label-875863' class=' answer'><span>Security controls offered by the provider are inadequate<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219874[]' id='answer-id-875864' class='answer   answerof-219874 ' value='875864'   \/><label for='answer-id-875864' id='answer-label-875864' class=' answer'><span>Service level agreements (SLAs) art not well defined.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219874[]' id='answer-id-875865' class='answer   answerof-219874 ' value='875865'   \/><label for='answer-id-875865' id='answer-label-875865' class=' answer'><span>Data retention policies may be violated.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219874[]' id='answer-id-875866' class='answer   answerof-219874 ' value='875866'   \/><label for='answer-id-875866' id='answer-label-875866' class=' answer'><span>There is no right to audit the security of the provider<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-4' style=';'><div id='questionWrap-4'  class='   watupro-question-id-219875'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>4. <\/span>An access rights review revealed that some former employees' access is still active. <br \/>\r<br>Once the access is revoked, which of the following is the BEST course of action to help prevent recurrence?<\/div><input type='hidden' name='question_id[]' id='qID_4' value='219875' \/><input type='hidden' id='answerType219875' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219875[]' id='answer-id-875867' class='answer   answerof-219875 ' value='875867'   \/><label for='answer-id-875867' id='answer-label-875867' class=' answer'><span>Implement a periodic recertification program.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219875[]' id='answer-id-875868' class='answer   answerof-219875 ' value='875868'   \/><label for='answer-id-875868' id='answer-label-875868' class=' answer'><span>Initiate an access control policy review.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219875[]' id='answer-id-875869' class='answer   answerof-219875 ' value='875869'   \/><label for='answer-id-875869' id='answer-label-875869' class=' answer'><span>Validate HR offboarding processes.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219875[]' id='answer-id-875870' class='answer   answerof-219875 ' value='875870'   \/><label for='answer-id-875870' id='answer-label-875870' class=' answer'><span>Conduct a root cause analysis.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-5' style=';'><div id='questionWrap-5'  class='   watupro-question-id-219876'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>5. <\/span>Which of the following is the MOST effective approach for integrating security into application development?<\/div><input type='hidden' name='question_id[]' id='qID_5' value='219876' \/><input type='hidden' id='answerType219876' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219876[]' id='answer-id-875871' class='answer   answerof-219876 ' value='875871'   \/><label for='answer-id-875871' id='answer-label-875871' class=' answer'><span>Including security in user acceptance testing sign-off<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219876[]' id='answer-id-875872' class='answer   answerof-219876 ' value='875872'   \/><label for='answer-id-875872' id='answer-label-875872' class=' answer'><span>Performing vulnerability scans<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219876[]' id='answer-id-875873' class='answer   answerof-219876 ' value='875873'   \/><label for='answer-id-875873' id='answer-label-875873' class=' answer'><span>Defining security requirements<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219876[]' id='answer-id-875874' class='answer   answerof-219876 ' value='875874'   \/><label for='answer-id-875874' id='answer-label-875874' class=' answer'><span>Developing security models in parallel<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-6' style=';'><div id='questionWrap-6'  class='   watupro-question-id-219877'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>6. <\/span>Which of the following processes would BEST help to ensure that information security risks will be evaluated when implementing a new payroll system?<\/div><input type='hidden' name='question_id[]' id='qID_6' value='219877' \/><input type='hidden' id='answerType219877' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219877[]' id='answer-id-875875' class='answer   answerof-219877 ' value='875875'   \/><label for='answer-id-875875' id='answer-label-875875' class=' answer'><span>Change management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219877[]' id='answer-id-875876' class='answer   answerof-219877 ' value='875876'   \/><label for='answer-id-875876' id='answer-label-875876' class=' answer'><span>Problem management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219877[]' id='answer-id-875877' class='answer   answerof-219877 ' value='875877'   \/><label for='answer-id-875877' id='answer-label-875877' class=' answer'><span>Configuration management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219877[]' id='answer-id-875878' class='answer   answerof-219877 ' value='875878'   \/><label for='answer-id-875878' id='answer-label-875878' class=' answer'><span>Incident management<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-7' style=';'><div id='questionWrap-7'  class='   watupro-question-id-219878'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>7. <\/span>The MOST important factors in determining the scope and timing for testing a business continuity plan are:<\/div><input type='hidden' name='question_id[]' id='qID_7' value='219878' \/><input type='hidden' id='answerType219878' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219878[]' id='answer-id-875879' class='answer   answerof-219878 ' value='875879'   \/><label for='answer-id-875879' id='answer-label-875879' class=' answer'><span>the experience level of personnel and the function location.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219878[]' id='answer-id-875880' class='answer   answerof-219878 ' value='875880'   \/><label for='answer-id-875880' id='answer-label-875880' class=' answer'><span>prior testing results and the degree of detail of the business continuity plan<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219878[]' id='answer-id-875881' class='answer   answerof-219878 ' value='875881'   \/><label for='answer-id-875881' id='answer-label-875881' class=' answer'><span>the importance of the function to be tested and the cost of testing,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219878[]' id='answer-id-875882' class='answer   answerof-219878 ' value='875882'   \/><label for='answer-id-875882' id='answer-label-875882' class=' answer'><span>manual processing capabilities and the test location<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-8' style=';'><div id='questionWrap-8'  class='   watupro-question-id-219879'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>8. <\/span>A threat intelligence report indicates there has been a significant rise in the number of attacks targeting the industry. <br \/>\r<br>What should the information security manager do NEXT?<\/div><input type='hidden' name='question_id[]' id='qID_8' value='219879' \/><input type='hidden' id='answerType219879' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219879[]' id='answer-id-875883' class='answer   answerof-219879 ' value='875883'   \/><label for='answer-id-875883' id='answer-label-875883' class=' answer'><span>Discuss the risk with senior management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219879[]' id='answer-id-875884' class='answer   answerof-219879 ' value='875884'   \/><label for='answer-id-875884' id='answer-label-875884' class=' answer'><span>Conduct penetration testing to identity vulnerabilities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219879[]' id='answer-id-875885' class='answer   answerof-219879 ' value='875885'   \/><label for='answer-id-875885' id='answer-label-875885' class=' answer'><span>Allocate additional resources to monitor perimeter security systems,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219879[]' id='answer-id-875886' class='answer   answerof-219879 ' value='875886'   \/><label for='answer-id-875886' id='answer-label-875886' class=' answer'><span>Update the organization\u2019s security awareness campaign.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-9' style=';'><div id='questionWrap-9'  class='   watupro-question-id-219880'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>9. <\/span>Which of the following is the MOST effective way to detect social engineering attacks?<\/div><input type='hidden' name='question_id[]' id='qID_9' value='219880' \/><input type='hidden' id='answerType219880' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219880[]' id='answer-id-875887' class='answer   answerof-219880 ' value='875887'   \/><label for='answer-id-875887' id='answer-label-875887' class=' answer'><span>Implement real-time monitoring of security-related events.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219880[]' id='answer-id-875888' class='answer   answerof-219880 ' value='875888'   \/><label for='answer-id-875888' id='answer-label-875888' class=' answer'><span>Encourage staff to report any suspicious activities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219880[]' id='answer-id-875889' class='answer   answerof-219880 ' value='875889'   \/><label for='answer-id-875889' id='answer-label-875889' class=' answer'><span>Implement an acceptable use policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219880[]' id='answer-id-875890' class='answer   answerof-219880 ' value='875890'   \/><label for='answer-id-875890' id='answer-label-875890' class=' answer'><span>Provide incident management training to all start.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-10' style=';'><div id='questionWrap-10'  class='   watupro-question-id-219881'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>10. <\/span>A third-party contract signed by a business unit manager failed to specify information security requirements. <br \/>\r<br>Which of the following is the BEST way for an information security manager to prevent this situation from reoccurring?<\/div><input type='hidden' name='question_id[]' id='qID_10' value='219881' \/><input type='hidden' id='answerType219881' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219881[]' id='answer-id-875891' class='answer   answerof-219881 ' value='875891'   \/><label for='answer-id-875891' id='answer-label-875891' class=' answer'><span>Inform business unit management of the information security requirements.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219881[]' id='answer-id-875892' class='answer   answerof-219881 ' value='875892'   \/><label for='answer-id-875892' id='answer-label-875892' class=' answer'><span>Provide information security training to the business units<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219881[]' id='answer-id-875893' class='answer   answerof-219881 ' value='875893'   \/><label for='answer-id-875893' id='answer-label-875893' class=' answer'><span>Integrate information security into the procurement process<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219881[]' id='answer-id-875894' class='answer   answerof-219881 ' value='875894'   \/><label for='answer-id-875894' id='answer-label-875894' class=' answer'><span>Involve the information security team in contract negotiations<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-11' style=';'><div id='questionWrap-11'  class='   watupro-question-id-219882'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>11. <\/span>Which of the following is the MOST important requirement for the successful implementation of security governance?<\/div><input type='hidden' name='question_id[]' id='qID_11' value='219882' \/><input type='hidden' id='answerType219882' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219882[]' id='answer-id-875895' class='answer   answerof-219882 ' value='875895'   \/><label for='answer-id-875895' id='answer-label-875895' class=' answer'><span>Mapping to organizational<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219882[]' id='answer-id-875896' class='answer   answerof-219882 ' value='875896'   \/><label for='answer-id-875896' id='answer-label-875896' class=' answer'><span>Implementing a security balanced scorecard<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219882[]' id='answer-id-875897' class='answer   answerof-219882 ' value='875897'   \/><label for='answer-id-875897' id='answer-label-875897' class=' answer'><span>Performance an enterprise-wide risk assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219882[]' id='answer-id-875898' class='answer   answerof-219882 ' value='875898'   \/><label for='answer-id-875898' id='answer-label-875898' class=' answer'><span>Aligning to an international security framework<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-12' style=';'><div id='questionWrap-12'  class='   watupro-question-id-219883'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>12. <\/span>Which of the following would contribute MOST to employees' understanding of data handling responsibilities?<\/div><input type='hidden' name='question_id[]' id='qID_12' value='219883' \/><input type='hidden' id='answerType219883' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219883[]' id='answer-id-875899' class='answer   answerof-219883 ' value='875899'   \/><label for='answer-id-875899' id='answer-label-875899' class=' answer'><span>Demonstrating support by senior management of the security program<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219883[]' id='answer-id-875900' class='answer   answerof-219883 ' value='875900'   \/><label for='answer-id-875900' id='answer-label-875900' class=' answer'><span>Implementing a tailored security awareness training program<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219883[]' id='answer-id-875901' class='answer   answerof-219883 ' value='875901'   \/><label for='answer-id-875901' id='answer-label-875901' class=' answer'><span>Requiring staff acknowledgement of security policies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219883[]' id='answer-id-875902' class='answer   answerof-219883 ' value='875902'   \/><label for='answer-id-875902' id='answer-label-875902' class=' answer'><span>Labeling documents according to appropriate security classification<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-13' style=';'><div id='questionWrap-13'  class='   watupro-question-id-219884'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>13. <\/span>Which of the following BEST reduces the likelihood of leakage of private information via email?<\/div><input type='hidden' name='question_id[]' id='qID_13' value='219884' \/><input type='hidden' id='answerType219884' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219884[]' id='answer-id-875903' class='answer   answerof-219884 ' value='875903'   \/><label for='answer-id-875903' id='answer-label-875903' class=' answer'><span>User awareness training<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219884[]' id='answer-id-875904' class='answer   answerof-219884 ' value='875904'   \/><label for='answer-id-875904' id='answer-label-875904' class=' answer'><span>Email encryption<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219884[]' id='answer-id-875905' class='answer   answerof-219884 ' value='875905'   \/><label for='answer-id-875905' id='answer-label-875905' class=' answer'><span>Strong user authentication protocols<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219884[]' id='answer-id-875906' class='answer   answerof-219884 ' value='875906'   \/><label for='answer-id-875906' id='answer-label-875906' class=' answer'><span>Prohibition on the personal use of email<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-14' style=';'><div id='questionWrap-14'  class='   watupro-question-id-219885'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>14. <\/span>A new program has been implemented to standardize security configurations across a multinational organization Following implementation, the configuration standards should:<\/div><input type='hidden' name='question_id[]' id='qID_14' value='219885' \/><input type='hidden' id='answerType219885' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219885[]' id='answer-id-875907' class='answer   answerof-219885 ' value='875907'   \/><label for='answer-id-875907' id='answer-label-875907' class=' answer'><span>remain unchanged to avoid variations across the organization<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219885[]' id='answer-id-875908' class='answer   answerof-219885 ' value='875908'   \/><label for='answer-id-875908' id='answer-label-875908' class=' answer'><span>be updated to address emerging threats and vulnerabilities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219885[]' id='answer-id-875909' class='answer   answerof-219885 ' value='875909'   \/><label for='answer-id-875909' id='answer-label-875909' class=' answer'><span>be changed for different subsets of the systems to minimize impact,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219885[]' id='answer-id-875910' class='answer   answerof-219885 ' value='875910'   \/><label for='answer-id-875910' id='answer-label-875910' class=' answer'><span>not deviate from industry best practice baselines.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-15' style=';'><div id='questionWrap-15'  class='   watupro-question-id-219886'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>15. <\/span>An information security manager s PRIMARY objective for presenting key risks to the board of directors is to:<\/div><input type='hidden' name='question_id[]' id='qID_15' value='219886' \/><input type='hidden' id='answerType219886' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219886[]' id='answer-id-875911' class='answer   answerof-219886 ' value='875911'   \/><label for='answer-id-875911' id='answer-label-875911' class=' answer'><span>re-evaluate the risk appetite<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219886[]' id='answer-id-875912' class='answer   answerof-219886 ' value='875912'   \/><label for='answer-id-875912' id='answer-label-875912' class=' answer'><span>quantify reputational risks<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219886[]' id='answer-id-875913' class='answer   answerof-219886 ' value='875913'   \/><label for='answer-id-875913' id='answer-label-875913' class=' answer'><span>meet information security compliance requirements.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219886[]' id='answer-id-875914' class='answer   answerof-219886 ' value='875914'   \/><label for='answer-id-875914' id='answer-label-875914' class=' answer'><span>ensure appropriate information security governance.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-16' style=';'><div id='questionWrap-16'  class='   watupro-question-id-219887'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>16. <\/span>The PRIMARY purpose of asset valuation for the management of information security is to:<\/div><input type='hidden' name='question_id[]' id='qID_16' value='219887' \/><input type='hidden' id='answerType219887' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219887[]' id='answer-id-875915' class='answer   answerof-219887 ' value='875915'   \/><label for='answer-id-875915' id='answer-label-875915' class=' answer'><span>prioritize risk management activities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219887[]' id='answer-id-875916' class='answer   answerof-219887 ' value='875916'   \/><label for='answer-id-875916' id='answer-label-875916' class=' answer'><span>provide a basis for asset classification.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219887[]' id='answer-id-875917' class='answer   answerof-219887 ' value='875917'   \/><label for='answer-id-875917' id='answer-label-875917' class=' answer'><span>determine the value of each asset<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219887[]' id='answer-id-875918' class='answer   answerof-219887 ' value='875918'   \/><label for='answer-id-875918' id='answer-label-875918' class=' answer'><span>eliminate the least significant assets.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-17' style=';'><div id='questionWrap-17'  class='   watupro-question-id-219888'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>17. <\/span>Which of the following is the PRIMARY reason to invoke continuity and recovery plans?<\/div><input type='hidden' name='question_id[]' id='qID_17' value='219888' \/><input type='hidden' id='answerType219888' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219888[]' id='answer-id-875919' class='answer   answerof-219888 ' value='875919'   \/><label for='answer-id-875919' id='answer-label-875919' class=' answer'><span>To achieve service delivery objectives<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219888[]' id='answer-id-875920' class='answer   answerof-219888 ' value='875920'   \/><label for='answer-id-875920' id='answer-label-875920' class=' answer'><span>To coordinate with senior management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219888[]' id='answer-id-875921' class='answer   answerof-219888 ' value='875921'   \/><label for='answer-id-875921' id='answer-label-875921' class=' answer'><span>To enforce service level agreements (SLAs)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219888[]' id='answer-id-875922' class='answer   answerof-219888 ' value='875922'   \/><label for='answer-id-875922' id='answer-label-875922' class=' answer'><span>To protect corporate networks<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-18' style=';'><div id='questionWrap-18'  class='   watupro-question-id-219889'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>18. <\/span>An information security manager is concerned that executive management does not su the following is the BEST way to address this situation?<\/div><input type='hidden' name='question_id[]' id='qID_18' value='219889' \/><input type='hidden' id='answerType219889' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219889[]' id='answer-id-875923' class='answer   answerof-219889 ' value='875923'   \/><label for='answer-id-875923' id='answer-label-875923' class=' answer'><span>Revise the information security strategy to meet executive management expectations.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219889[]' id='answer-id-875924' class='answer   answerof-219889 ' value='875924'   \/><label for='answer-id-875924' id='answer-label-875924' class=' answer'><span>Escalate noncompliance concerns to the internal audit manager<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219889[]' id='answer-id-875925' class='answer   answerof-219889 ' value='875925'   \/><label for='answer-id-875925' id='answer-label-875925' class=' answer'><span>Report the risk and status of the information security program to the board.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219889[]' id='answer-id-875926' class='answer   answerof-219889 ' value='875926'   \/><label for='answer-id-875926' id='answer-label-875926' class=' answer'><span>Demonstrate alignment of the information security function with business needs.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-19' style=';'><div id='questionWrap-19'  class='   watupro-question-id-219890'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>19. <\/span>A policy has been established requiting users to install mobile device management (MDM) software on their personal devices. <br \/>\r<br>Which of the following would BEST mitigate the risk created by noncompliance with this policy?<\/div><input type='hidden' name='question_id[]' id='qID_19' value='219890' \/><input type='hidden' id='answerType219890' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219890[]' id='answer-id-875927' class='answer   answerof-219890 ' value='875927'   \/><label for='answer-id-875927' id='answer-label-875927' class=' answer'><span>Disabling remote access from the mobile device<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219890[]' id='answer-id-875928' class='answer   answerof-219890 ' value='875928'   \/><label for='answer-id-875928' id='answer-label-875928' class=' answer'><span>Requiring users to sign off on terms and conditions<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219890[]' id='answer-id-875929' class='answer   answerof-219890 ' value='875929'   \/><label for='answer-id-875929' id='answer-label-875929' class=' answer'><span>Issuing company-configured mobile devices<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219890[]' id='answer-id-875930' class='answer   answerof-219890 ' value='875930'   \/><label for='answer-id-875930' id='answer-label-875930' class=' answer'><span>Issuing warnings and documenting noncompliance<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-20' style=';'><div id='questionWrap-20'  class='   watupro-question-id-219891'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>20. <\/span>Which of the following provides the BEST input to maintain an effective asset classification program?<\/div><input type='hidden' name='question_id[]' id='qID_20' value='219891' \/><input type='hidden' id='answerType219891' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219891[]' id='answer-id-875931' class='answer   answerof-219891 ' value='875931'   \/><label for='answer-id-875931' id='answer-label-875931' class=' answer'><span>Business impact analysis (BIA)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219891[]' id='answer-id-875932' class='answer   answerof-219891 ' value='875932'   \/><label for='answer-id-875932' id='answer-label-875932' class=' answer'><span>Annual toss expectancy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219891[]' id='answer-id-875933' class='answer   answerof-219891 ' value='875933'   \/><label for='answer-id-875933' id='answer-label-875933' class=' answer'><span>Vulnerability assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219891[]' id='answer-id-875934' class='answer   answerof-219891 ' value='875934'   \/><label for='answer-id-875934' id='answer-label-875934' class=' answer'><span>Risk heat map<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-21' style=';'><div id='questionWrap-21'  class='   watupro-question-id-219892'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>21. <\/span>When the inherent risk of a business activity is lower than the acceptable risk level, the BEST course of action would be to:<\/div><input type='hidden' name='question_id[]' id='qID_21' value='219892' \/><input type='hidden' id='answerType219892' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219892[]' id='answer-id-875935' class='answer   answerof-219892 ' value='875935'   \/><label for='answer-id-875935' id='answer-label-875935' class=' answer'><span>implement controls to mitigate the risk.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219892[]' id='answer-id-875936' class='answer   answerof-219892 ' value='875936'   \/><label for='answer-id-875936' id='answer-label-875936' class=' answer'><span>monitor for business changes.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219892[]' id='answer-id-875937' class='answer   answerof-219892 ' value='875937'   \/><label for='answer-id-875937' id='answer-label-875937' class=' answer'><span>review the residual risk level<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219892[]' id='answer-id-875938' class='answer   answerof-219892 ' value='875938'   \/><label for='answer-id-875938' id='answer-label-875938' class=' answer'><span>report compliance to management<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-22' style=';'><div id='questionWrap-22'  class='   watupro-question-id-219893'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>22. <\/span>Which of the following is the BEST way to prevent employees from making unauthorized comments to the media about security incidents in progress?<\/div><input type='hidden' name='question_id[]' id='qID_22' value='219893' \/><input type='hidden' id='answerType219893' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219893[]' id='answer-id-875939' class='answer   answerof-219893 ' value='875939'   \/><label for='answer-id-875939' id='answer-label-875939' class=' answer'><span>Establish standard media responses for employees to control the message<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219893[]' id='answer-id-875940' class='answer   answerof-219893 ' value='875940'   \/><label for='answer-id-875940' id='answer-label-875940' class=' answer'><span>Communicate potential disciplinary actions for noncompliance.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219893[]' id='answer-id-875941' class='answer   answerof-219893 ' value='875941'   \/><label for='answer-id-875941' id='answer-label-875941' class=' answer'><span>Include communication policies In regular information security training<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219893[]' id='answer-id-875942' class='answer   answerof-219893 ' value='875942'   \/><label for='answer-id-875942' id='answer-label-875942' class=' answer'><span>training Implement controls to prevent discussion with media during an Incident.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-23' style=';'><div id='questionWrap-23'  class='   watupro-question-id-219894'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>23. <\/span>Which of the following would be MOST effective when justifying the cost of adding security controls to an existing web application?<\/div><input type='hidden' name='question_id[]' id='qID_23' value='219894' \/><input type='hidden' id='answerType219894' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219894[]' id='answer-id-875943' class='answer   answerof-219894 ' value='875943'   \/><label for='answer-id-875943' id='answer-label-875943' class=' answer'><span>Vulnerability assessment results<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219894[]' id='answer-id-875944' class='answer   answerof-219894 ' value='875944'   \/><label for='answer-id-875944' id='answer-label-875944' class=' answer'><span>Application security policy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219894[]' id='answer-id-875945' class='answer   answerof-219894 ' value='875945'   \/><label for='answer-id-875945' id='answer-label-875945' class=' answer'><span>A business case<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219894[]' id='answer-id-875946' class='answer   answerof-219894 ' value='875946'   \/><label for='answer-id-875946' id='answer-label-875946' class=' answer'><span>Internal audit reports<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-24' style=';'><div id='questionWrap-24'  class='   watupro-question-id-219895'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>24. <\/span>An information security manager is concerned that executive management does not support information security initiatives. <br \/>\r<br>Which of the following is the BEST way to address this situation?<\/div><input type='hidden' name='question_id[]' id='qID_24' value='219895' \/><input type='hidden' id='answerType219895' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219895[]' id='answer-id-875947' class='answer   answerof-219895 ' value='875947'   \/><label for='answer-id-875947' id='answer-label-875947' class=' answer'><span>Revise the information security strategy to meet executive management's expectations.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219895[]' id='answer-id-875948' class='answer   answerof-219895 ' value='875948'   \/><label for='answer-id-875948' id='answer-label-875948' class=' answer'><span>Escalate noncompliance concerns to the internal audit manager<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219895[]' id='answer-id-875949' class='answer   answerof-219895 ' value='875949'   \/><label for='answer-id-875949' id='answer-label-875949' class=' answer'><span>Report the risk and status of the information security program to the board.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219895[]' id='answer-id-875950' class='answer   answerof-219895 ' value='875950'   \/><label for='answer-id-875950' id='answer-label-875950' class=' answer'><span>Demonstrate alignment of the information security function with business needs.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-25' style=';'><div id='questionWrap-25'  class='   watupro-question-id-219896'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>25. <\/span>Which of the following is the PRIMARY objective of a business impact analysis (BIA):<\/div><input type='hidden' name='question_id[]' id='qID_25' value='219896' \/><input type='hidden' id='answerType219896' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219896[]' id='answer-id-875951' class='answer   answerof-219896 ' value='875951'   \/><label for='answer-id-875951' id='answer-label-875951' class=' answer'><span>Define the recovery point objective (RPO).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219896[]' id='answer-id-875952' class='answer   answerof-219896 ' value='875952'   \/><label for='answer-id-875952' id='answer-label-875952' class=' answer'><span>Determine recovery priorities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219896[]' id='answer-id-875953' class='answer   answerof-219896 ' value='875953'   \/><label for='answer-id-875953' id='answer-label-875953' class=' answer'><span>Confirm control effectiveness.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219896[]' id='answer-id-875954' class='answer   answerof-219896 ' value='875954'   \/><label for='answer-id-875954' id='answer-label-875954' class=' answer'><span>Analyze vulnerabilities<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-26' style=';'><div id='questionWrap-26'  class='   watupro-question-id-219897'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>26. <\/span>Which of the following should be define* I FIRST when creating an organization's information security strategy?<\/div><input type='hidden' name='question_id[]' id='qID_26' value='219897' \/><input type='hidden' id='answerType219897' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219897[]' id='answer-id-875955' class='answer   answerof-219897 ' value='875955'   \/><label for='answer-id-875955' id='answer-label-875955' class=' answer'><span>Budget<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219897[]' id='answer-id-875956' class='answer   answerof-219897 ' value='875956'   \/><label for='answer-id-875956' id='answer-label-875956' class=' answer'><span>Policies and processes<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219897[]' id='answer-id-875957' class='answer   answerof-219897 ' value='875957'   \/><label for='answer-id-875957' id='answer-label-875957' class=' answer'><span>Objectives<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219897[]' id='answer-id-875958' class='answer   answerof-219897 ' value='875958'   \/><label for='answer-id-875958' id='answer-label-875958' class=' answer'><span>Organizational structures<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-27' style=';'><div id='questionWrap-27'  class='   watupro-question-id-219898'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>27. <\/span>Meeting which of the following security objectives BEST ensures that information is protected against unauthorized modification?<\/div><input type='hidden' name='question_id[]' id='qID_27' value='219898' \/><input type='hidden' id='answerType219898' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219898[]' id='answer-id-875959' class='answer   answerof-219898 ' value='875959'   \/><label for='answer-id-875959' id='answer-label-875959' class=' answer'><span>Availability<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219898[]' id='answer-id-875960' class='answer   answerof-219898 ' value='875960'   \/><label for='answer-id-875960' id='answer-label-875960' class=' answer'><span>Integrity<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219898[]' id='answer-id-875961' class='answer   answerof-219898 ' value='875961'   \/><label for='answer-id-875961' id='answer-label-875961' class=' answer'><span>Confidentiality<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219898[]' id='answer-id-875962' class='answer   answerof-219898 ' value='875962'   \/><label for='answer-id-875962' id='answer-label-875962' class=' answer'><span>Authenticity<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-28' style=';'><div id='questionWrap-28'  class='   watupro-question-id-219899'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>28. <\/span>Which of the following is the BEST way for an information security manager to promote the integration of information security considerations into key business processes?<\/div><input type='hidden' name='question_id[]' id='qID_28' value='219899' \/><input type='hidden' id='answerType219899' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219899[]' id='answer-id-875963' class='answer   answerof-219899 ' value='875963'   \/><label for='answer-id-875963' id='answer-label-875963' class=' answer'><span>Provide information security awareness training.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219899[]' id='answer-id-875964' class='answer   answerof-219899 ' value='875964'   \/><label for='answer-id-875964' id='answer-label-875964' class=' answer'><span>Conduct a business impact analysis (BIA).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219899[]' id='answer-id-875965' class='answer   answerof-219899 ' value='875965'   \/><label for='answer-id-875965' id='answer-label-875965' class=' answer'><span>Facilitate the creation of an information security steering group<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219899[]' id='answer-id-875966' class='answer   answerof-219899 ' value='875966'   \/><label for='answer-id-875966' id='answer-label-875966' class=' answer'><span>Conduct information security briefings for executives<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-29' style=';'><div id='questionWrap-29'  class='   watupro-question-id-219900'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>29. <\/span>Senior management learns of several web application security incidents and wants to know the exposure risk to the organization. <br \/>\r<br>What is the information security manager's BEST course of action?<\/div><input type='hidden' name='question_id[]' id='qID_29' value='219900' \/><input type='hidden' id='answerType219900' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219900[]' id='answer-id-875967' class='answer   answerof-219900 ' value='875967'   \/><label for='answer-id-875967' id='answer-label-875967' class=' answer'><span>Perform a vulnerability assessment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219900[]' id='answer-id-875968' class='answer   answerof-219900 ' value='875968'   \/><label for='answer-id-875968' id='answer-label-875968' class=' answer'><span>Review audit logs from IT systems.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219900[]' id='answer-id-875969' class='answer   answerof-219900 ' value='875969'   \/><label for='answer-id-875969' id='answer-label-875969' class=' answer'><span>Activate the incident response plan<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219900[]' id='answer-id-875970' class='answer   answerof-219900 ' value='875970'   \/><label for='answer-id-875970' id='answer-label-875970' class=' answer'><span>Assess IT system configurations<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-30' style=';'><div id='questionWrap-30'  class='   watupro-question-id-219901'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>30. <\/span>A message is being sent with a hash. The risk of an attacker changing the message and generating an authentic hash value c*n be mitigated by:<\/div><input type='hidden' name='question_id[]' id='qID_30' value='219901' \/><input type='hidden' id='answerType219901' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219901[]' id='answer-id-875971' class='answer   answerof-219901 ' value='875971'   \/><label for='answer-id-875971' id='answer-label-875971' class=' answer'><span>generating hash output that is the same size as the original message,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219901[]' id='answer-id-875972' class='answer   answerof-219901 ' value='875972'   \/><label for='answer-id-875972' id='answer-label-875972' class=' answer'><span>requiring the recipient to use a different hash algorithm,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219901[]' id='answer-id-875973' class='answer   answerof-219901 ' value='875973'   \/><label for='answer-id-875973' id='answer-label-875973' class=' answer'><span>using the senders public key to encrypt the message.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219901[]' id='answer-id-875974' class='answer   answerof-219901 ' value='875974'   \/><label for='answer-id-875974' id='answer-label-875974' class=' answer'><span>using a secret key m conjunction with the hash algorithm.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-31' style=';'><div id='questionWrap-31'  class='   watupro-question-id-219902'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>31. <\/span>Which of the following sites would be MOST appropriate in the case of a very short recovery time objective (RTO)?<\/div><input type='hidden' name='question_id[]' id='qID_31' value='219902' \/><input type='hidden' id='answerType219902' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219902[]' id='answer-id-875975' class='answer   answerof-219902 ' value='875975'   \/><label for='answer-id-875975' id='answer-label-875975' class=' answer'><span>Redundant<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219902[]' id='answer-id-875976' class='answer   answerof-219902 ' value='875976'   \/><label for='answer-id-875976' id='answer-label-875976' class=' answer'><span>Shared<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219902[]' id='answer-id-875977' class='answer   answerof-219902 ' value='875977'   \/><label for='answer-id-875977' id='answer-label-875977' class=' answer'><span>Warm<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219902[]' id='answer-id-875978' class='answer   answerof-219902 ' value='875978'   \/><label for='answer-id-875978' id='answer-label-875978' class=' answer'><span>Mobile<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-32' style=';'><div id='questionWrap-32'  class='   watupro-question-id-219903'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>32. <\/span>Which of the following is the BEST indication that a recently adopted information security framework is a good fit for an organization?<\/div><input type='hidden' name='question_id[]' id='qID_32' value='219903' \/><input type='hidden' id='answerType219903' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219903[]' id='answer-id-875979' class='answer   answerof-219903 ' value='875979'   \/><label for='answer-id-875979' id='answer-label-875979' class=' answer'><span>The framework includes industry-recognized information security best practices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219903[]' id='answer-id-875980' class='answer   answerof-219903 ' value='875980'   \/><label for='answer-id-875980' id='answer-label-875980' class=' answer'><span>The number of security incidents has significantly declined<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219903[]' id='answer-id-875981' class='answer   answerof-219903 ' value='875981'   \/><label for='answer-id-875981' id='answer-label-875981' class=' answer'><span>The business has obtained framework certification.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219903[]' id='answer-id-875982' class='answer   answerof-219903 ' value='875982'   \/><label for='answer-id-875982' id='answer-label-875982' class=' answer'><span>Objectives in the framework correlate directly to business practices<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-33' style=';'><div id='questionWrap-33'  class='   watupro-question-id-219904'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>33. <\/span>Which of the following is the BEST indication that a recently adopted information security framework is a good fit for an organization?<\/div><input type='hidden' name='question_id[]' id='qID_33' value='219904' \/><input type='hidden' id='answerType219904' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219904[]' id='answer-id-875983' class='answer   answerof-219904 ' value='875983'   \/><label for='answer-id-875983' id='answer-label-875983' class=' answer'><span>The framework includes industry-recognized information security best practices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219904[]' id='answer-id-875984' class='answer   answerof-219904 ' value='875984'   \/><label for='answer-id-875984' id='answer-label-875984' class=' answer'><span>The number of security incidents has significantly declined<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219904[]' id='answer-id-875985' class='answer   answerof-219904 ' value='875985'   \/><label for='answer-id-875985' id='answer-label-875985' class=' answer'><span>The business has obtained framework certification.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219904[]' id='answer-id-875986' class='answer   answerof-219904 ' value='875986'   \/><label for='answer-id-875986' id='answer-label-875986' class=' answer'><span>Objectives in the framework correlate directly to business practices<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-34' style=';'><div id='questionWrap-34'  class='   watupro-question-id-219905'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>34. <\/span>Which of the following is MOST likely to result from a properly conducted post-incident review?<\/div><input type='hidden' name='question_id[]' id='qID_34' value='219905' \/><input type='hidden' id='answerType219905' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219905[]' id='answer-id-875987' class='answer   answerof-219905 ' value='875987'   \/><label for='answer-id-875987' id='answer-label-875987' class=' answer'><span>Breach information is provided to the organization's key stakeholders and users.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219905[]' id='answer-id-875988' class='answer   answerof-219905 ' value='875988'   \/><label for='answer-id-875988' id='answer-label-875988' class=' answer'><span>The cause of the incident is discovered and remediated.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219905[]' id='answer-id-875989' class='answer   answerof-219905 ' value='875989'   \/><label for='answer-id-875989' id='answer-label-875989' class=' answer'><span>Forensic evidence is reviewed and provided to law enforcement<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219905[]' id='answer-id-875990' class='answer   answerof-219905 ' value='875990'   \/><label for='answer-id-875990' id='answer-label-875990' class=' answer'><span>The incident response team discovers inefficiencies in the recovery process.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-35' style=';'><div id='questionWrap-35'  class='   watupro-question-id-219906'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>35. <\/span>Labeling information according to its security classification:<\/div><input type='hidden' name='question_id[]' id='qID_35' value='219906' \/><input type='hidden' id='answerType219906' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219906[]' id='answer-id-875991' class='answer   answerof-219906 ' value='875991'   \/><label for='answer-id-875991' id='answer-label-875991' class=' answer'><span>affects the consequences if information is handled insecurely,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219906[]' id='answer-id-875992' class='answer   answerof-219906 ' value='875992'   \/><label for='answer-id-875992' id='answer-label-875992' class=' answer'><span>induces the number and type of counter measures required<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219906[]' id='answer-id-875993' class='answer   answerof-219906 ' value='875993'   \/><label for='answer-id-875993' id='answer-label-875993' class=' answer'><span>enhances the likelihood of people handling information securely,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219906[]' id='answer-id-875994' class='answer   answerof-219906 ' value='875994'   \/><label for='answer-id-875994' id='answer-label-875994' class=' answer'><span>reduces the need to identify baseline controls for each classification.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-36' style=';'><div id='questionWrap-36'  class='   watupro-question-id-219907'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>36. <\/span>Which of the following is MOST likely to result from a properly conducted post-incident review?<\/div><input type='hidden' name='question_id[]' id='qID_36' value='219907' \/><input type='hidden' id='answerType219907' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219907[]' id='answer-id-875995' class='answer   answerof-219907 ' value='875995'   \/><label for='answer-id-875995' id='answer-label-875995' class=' answer'><span>Breach information is provided to the organization's key stakeholders and us&laquo;rs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219907[]' id='answer-id-875996' class='answer   answerof-219907 ' value='875996'   \/><label for='answer-id-875996' id='answer-label-875996' class=' answer'><span>The cause of the incident is discovered and remediated.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219907[]' id='answer-id-875997' class='answer   answerof-219907 ' value='875997'   \/><label for='answer-id-875997' id='answer-label-875997' class=' answer'><span>Forensic evidence is reviewed and provided to law enforcement<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219907[]' id='answer-id-875998' class='answer   answerof-219907 ' value='875998'   \/><label for='answer-id-875998' id='answer-label-875998' class=' answer'><span>The incident response team discovers inefficiencies in the recovery process.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-37' style=';'><div id='questionWrap-37'  class='   watupro-question-id-219908'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>37. <\/span>Which of the following would provide senior management with the BEST overview of the performance of information security risk treatment options?<\/div><input type='hidden' name='question_id[]' id='qID_37' value='219908' \/><input type='hidden' id='answerType219908' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219908[]' id='answer-id-875999' class='answer   answerof-219908 ' value='875999'   \/><label for='answer-id-875999' id='answer-label-875999' class=' answer'><span>Before-and-after heat maps<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219908[]' id='answer-id-876000' class='answer   answerof-219908 ' value='876000'   \/><label for='answer-id-876000' id='answer-label-876000' class=' answer'><span>Analysis of recent incident<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219908[]' id='answer-id-876001' class='answer   answerof-219908 ' value='876001'   \/><label for='answer-id-876001' id='answer-label-876001' class=' answer'><span>Detailed risk analysis of the treatments<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219908[]' id='answer-id-876002' class='answer   answerof-219908 ' value='876002'   \/><label for='answer-id-876002' id='answer-label-876002' class=' answer'><span>individual risk assessments<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-38' style=';'><div id='questionWrap-38'  class='   watupro-question-id-219909'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>38. <\/span>The GREATEST benefit of choosing a private cloud over a public cloud would be:<\/div><input type='hidden' name='question_id[]' id='qID_38' value='219909' \/><input type='hidden' id='answerType219909' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219909[]' id='answer-id-876003' class='answer   answerof-219909 ' value='876003'   \/><label for='answer-id-876003' id='answer-label-876003' class=' answer'><span>containment of customer data<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219909[]' id='answer-id-876004' class='answer   answerof-219909 ' value='876004'   \/><label for='answer-id-876004' id='answer-label-876004' class=' answer'><span>collection of data forensic<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219909[]' id='answer-id-876005' class='answer   answerof-219909 ' value='876005'   \/><label for='answer-id-876005' id='answer-label-876005' class=' answer'><span>online service availability.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219909[]' id='answer-id-876006' class='answer   answerof-219909 ' value='876006'   \/><label for='answer-id-876006' id='answer-label-876006' class=' answer'><span>server protection.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-39' style=';'><div id='questionWrap-39'  class='   watupro-question-id-219910'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>39. <\/span>The PRIMARY reason an organization would require that users sign an acknowledgment of their system access responsibilities is to:<\/div><input type='hidden' name='question_id[]' id='qID_39' value='219910' \/><input type='hidden' id='answerType219910' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219910[]' id='answer-id-876007' class='answer   answerof-219910 ' value='876007'   \/><label for='answer-id-876007' id='answer-label-876007' class=' answer'><span>assign accountability for transactions made with the user's I<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219910[]' id='answer-id-876008' class='answer   answerof-219910 ' value='876008'   \/><label for='answer-id-876008' id='answer-label-876008' class=' answer'><span>maintain compliance with industry best practices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219910[]' id='answer-id-876009' class='answer   answerof-219910 ' value='876009'   \/><label for='answer-id-876009' id='answer-label-876009' class=' answer'><span>serve as evidence of security awareness training.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219910[]' id='answer-id-876010' class='answer   answerof-219910 ' value='876010'   \/><label for='answer-id-876010' id='answer-label-876010' class=' answer'><span>maintain an accurate record of users access rights<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-40' style=';'><div id='questionWrap-40'  class='   watupro-question-id-219911'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>40. <\/span>Which of the following is MOST important to the successful development of an information security strategy?<\/div><input type='hidden' name='question_id[]' id='qID_40' value='219911' \/><input type='hidden' id='answerType219911' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219911[]' id='answer-id-876011' class='answer   answerof-219911 ' value='876011'   \/><label for='answer-id-876011' id='answer-label-876011' class=' answer'><span>An implemented development life cycle process<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219911[]' id='answer-id-876012' class='answer   answerof-219911 ' value='876012'   \/><label for='answer-id-876012' id='answer-label-876012' class=' answer'><span>A well-implemented governance framework<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219911[]' id='answer-id-876013' class='answer   answerof-219911 ' value='876013'   \/><label for='answer-id-876013' id='answer-label-876013' class=' answer'><span>Current state and desired objectives<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219911[]' id='answer-id-876014' class='answer   answerof-219911 ' value='876014'   \/><label for='answer-id-876014' id='answer-label-876014' class=' answer'><span>Approved policies and standards<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-41' style=';'><div id='questionWrap-41'  class='   watupro-question-id-219912'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>41. <\/span>Which of the following processes is the FIRST step in establishing an information security policy?<\/div><input type='hidden' name='question_id[]' id='qID_41' value='219912' \/><input type='hidden' id='answerType219912' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219912[]' id='answer-id-876015' class='answer   answerof-219912 ' value='876015'   \/><label for='answer-id-876015' id='answer-label-876015' class=' answer'><span>Review of current global standards<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219912[]' id='answer-id-876016' class='answer   answerof-219912 ' value='876016'   \/><label for='answer-id-876016' id='answer-label-876016' class=' answer'><span>Business risk assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219912[]' id='answer-id-876017' class='answer   answerof-219912 ' value='876017'   \/><label for='answer-id-876017' id='answer-label-876017' class=' answer'><span>Security controls evaluation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219912[]' id='answer-id-876018' class='answer   answerof-219912 ' value='876018'   \/><label for='answer-id-876018' id='answer-label-876018' class=' answer'><span>Information security audit<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-42' style=';'><div id='questionWrap-42'  class='   watupro-question-id-219913'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>42. <\/span>A company has purchased a rival organization and is looking to integrate security strategies. <br \/>\r<br>Which of the following is the GREATEST issue to consider?<\/div><input type='hidden' name='question_id[]' id='qID_42' value='219913' \/><input type='hidden' id='answerType219913' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219913[]' id='answer-id-876019' class='answer   answerof-219913 ' value='876019'   \/><label for='answer-id-876019' id='answer-label-876019' class=' answer'><span>The organizations have different risk appetites<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219913[]' id='answer-id-876020' class='answer   answerof-219913 ' value='876020'   \/><label for='answer-id-876020' id='answer-label-876020' class=' answer'><span>Differing security skills within the organizations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219913[]' id='answer-id-876021' class='answer   answerof-219913 ' value='876021'   \/><label for='answer-id-876021' id='answer-label-876021' class=' answer'><span>Confidential information could be leaked<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219913[]' id='answer-id-876022' class='answer   answerof-219913 ' value='876022'   \/><label for='answer-id-876022' id='answer-label-876022' class=' answer'><span>Differing security technologies<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-43' style=';'><div id='questionWrap-43'  class='   watupro-question-id-219914'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>43. <\/span>Which of the following is the PRIMARY reason social media has become a popular target for attack?<\/div><input type='hidden' name='question_id[]' id='qID_43' value='219914' \/><input type='hidden' id='answerType219914' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219914[]' id='answer-id-876023' class='answer   answerof-219914 ' value='876023'   \/><label for='answer-id-876023' id='answer-label-876023' class=' answer'><span>The reduced effectiveness of access controls<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219914[]' id='answer-id-876024' class='answer   answerof-219914 ' value='876024'   \/><label for='answer-id-876024' id='answer-label-876024' class=' answer'><span>The accessibility of social media from multiple locations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219914[]' id='answer-id-876025' class='answer   answerof-219914 ' value='876025'   \/><label for='answer-id-876025' id='answer-label-876025' class=' answer'><span>The prevalence of strong perimeter protection<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219914[]' id='answer-id-876026' class='answer   answerof-219914 ' value='876026'   \/><label for='answer-id-876026' id='answer-label-876026' class=' answer'><span>The element of trust created by social media<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-44' style=';'><div id='questionWrap-44'  class='   watupro-question-id-219915'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>44. <\/span>When using a newly implemented security information and event management (SIEM) infrastructure, which of the following should be considered FIRST?<\/div><input type='hidden' name='question_id[]' id='qID_44' value='219915' \/><input type='hidden' id='answerType219915' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219915[]' id='answer-id-876027' class='answer   answerof-219915 ' value='876027'   \/><label for='answer-id-876027' id='answer-label-876027' class=' answer'><span>Encryption<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219915[]' id='answer-id-876028' class='answer   answerof-219915 ' value='876028'   \/><label for='answer-id-876028' id='answer-label-876028' class=' answer'><span>Retention<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219915[]' id='answer-id-876029' class='answer   answerof-219915 ' value='876029'   \/><label for='answer-id-876029' id='answer-label-876029' class=' answer'><span>Report distribution<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219915[]' id='answer-id-876030' class='answer   answerof-219915 ' value='876030'   \/><label for='answer-id-876030' id='answer-label-876030' class=' answer'><span>Tuning<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-45' style=';'><div id='questionWrap-45'  class='   watupro-question-id-219916'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>45. <\/span>An organization's security policy is to disable access to USB storage devices on laptops and desktops. <br \/>\r<br>Which of the following is the STRONGEST justification foi granting an exception to the policy?<\/div><input type='hidden' name='question_id[]' id='qID_45' value='219916' \/><input type='hidden' id='answerType219916' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219916[]' id='answer-id-876031' class='answer   answerof-219916 ' value='876031'   \/><label for='answer-id-876031' id='answer-label-876031' class=' answer'><span>Access is restricted to read-only.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219916[]' id='answer-id-876032' class='answer   answerof-219916 ' value='876032'   \/><label for='answer-id-876032' id='answer-label-876032' class=' answer'><span>USB storage devices are enabled based on user roles<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219916[]' id='answer-id-876033' class='answer   answerof-219916 ' value='876033'   \/><label for='answer-id-876033' id='answer-label-876033' class=' answer'><span>Users accept the risk of noncompliance.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219916[]' id='answer-id-876034' class='answer   answerof-219916 ' value='876034'   \/><label for='answer-id-876034' id='answer-label-876034' class=' answer'><span>The benefit is greater than the potential risk<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-46' style=';'><div id='questionWrap-46'  class='   watupro-question-id-219917'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>46. <\/span>Which of the following is the BEST way to improve the timely reporting of information security incidents?<\/div><input type='hidden' name='question_id[]' id='qID_46' value='219917' \/><input type='hidden' id='answerType219917' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219917[]' id='answer-id-876035' class='answer   answerof-219917 ' value='876035'   \/><label for='answer-id-876035' id='answer-label-876035' class=' answer'><span>Perform periodic simulations with the incident response team.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219917[]' id='answer-id-876036' class='answer   answerof-219917 ' value='876036'   \/><label for='answer-id-876036' id='answer-label-876036' class=' answer'><span>Regularly reassess and update the incident response plan.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219917[]' id='answer-id-876037' class='answer   answerof-219917 ' value='876037'   \/><label for='answer-id-876037' id='answer-label-876037' class=' answer'><span>Integrate an intrusion detection system (IDS) in the DMZ<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219917[]' id='answer-id-876038' class='answer   answerof-219917 ' value='876038'   \/><label for='answer-id-876038' id='answer-label-876038' class=' answer'><span>Incorporate security procedures in help desk processes<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-47' style=';'><div id='questionWrap-47'  class='   watupro-question-id-219918'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>47. <\/span>Which of the following would BEST assist an information security manager in gaining strategic support from executive management?<\/div><input type='hidden' name='question_id[]' id='qID_47' value='219918' \/><input type='hidden' id='answerType219918' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219918[]' id='answer-id-876039' class='answer   answerof-219918 ' value='876039'   \/><label for='answer-id-876039' id='answer-label-876039' class=' answer'><span>Risk analysis specific to the organization<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219918[]' id='answer-id-876040' class='answer   answerof-219918 ' value='876040'   \/><label for='answer-id-876040' id='answer-label-876040' class=' answer'><span>Research on trends in global information security breaches<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219918[]' id='answer-id-876041' class='answer   answerof-219918 ' value='876041'   \/><label for='answer-id-876041' id='answer-label-876041' class=' answer'><span>Rating of the organization s security, based on international standards<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219918[]' id='answer-id-876042' class='answer   answerof-219918 ' value='876042'   \/><label for='answer-id-876042' id='answer-label-876042' class=' answer'><span>Annual report of security incidents within the organization<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-48' style=';'><div id='questionWrap-48'  class='   watupro-question-id-219919'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>48. <\/span>When information security management is receiving an increased number of false positive incident reports, which of the following is MOST important to review?<\/div><input type='hidden' name='question_id[]' id='qID_48' value='219919' \/><input type='hidden' id='answerType219919' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219919[]' id='answer-id-876043' class='answer   answerof-219919 ' value='876043'   \/><label for='answer-id-876043' id='answer-label-876043' class=' answer'><span>The security awareness programs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219919[]' id='answer-id-876044' class='answer   answerof-219919 ' value='876044'   \/><label for='answer-id-876044' id='answer-label-876044' class=' answer'><span>Firewall logs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219919[]' id='answer-id-876045' class='answer   answerof-219919 ' value='876045'   \/><label for='answer-id-876045' id='answer-label-876045' class=' answer'><span>The risk management processes<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219919[]' id='answer-id-876046' class='answer   answerof-219919 ' value='876046'   \/><label for='answer-id-876046' id='answer-label-876046' class=' answer'><span>Post-incident analysis results<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-49' style=';'><div id='questionWrap-49'  class='   watupro-question-id-219920'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>49. <\/span>What should be information security manager\u2019s FIRST course of action when it is discovered a staff member has been posting corporate information on social media sites?<\/div><input type='hidden' name='question_id[]' id='qID_49' value='219920' \/><input type='hidden' id='answerType219920' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219920[]' id='answer-id-876047' class='answer   answerof-219920 ' value='876047'   \/><label for='answer-id-876047' id='answer-label-876047' class=' answer'><span>Asses the classification of the data posted.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219920[]' id='answer-id-876048' class='answer   answerof-219920 ' value='876048'   \/><label for='answer-id-876048' id='answer-label-876048' class=' answer'><span>Implement controls to block the social media sites.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219920[]' id='answer-id-876049' class='answer   answerof-219920 ' value='876049'   \/><label for='answer-id-876049' id='answer-label-876049' class=' answer'><span>Refer the staff member to the information security policy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219920[]' id='answer-id-876050' class='answer   answerof-219920 ' value='876050'   \/><label for='answer-id-876050' id='answer-label-876050' class=' answer'><span>Notify senior management<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-50' style=';'><div id='questionWrap-50'  class='   watupro-question-id-219921'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>50. <\/span>Which of the following is the MOST important consideration when determining the approach for gaining organization-wide acceptance of an information security plan?<\/div><input type='hidden' name='question_id[]' id='qID_50' value='219921' \/><input type='hidden' id='answerType219921' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219921[]' id='answer-id-876051' class='answer   answerof-219921 ' value='876051'   \/><label for='answer-id-876051' id='answer-label-876051' class=' answer'><span>Mature security policy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219921[]' id='answer-id-876052' class='answer   answerof-219921 ' value='876052'   \/><label for='answer-id-876052' id='answer-label-876052' class=' answer'><span>Information security roles and responsibilities<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219921[]' id='answer-id-876053' class='answer   answerof-219921 ' value='876053'   \/><label for='answer-id-876053' id='answer-label-876053' class=' answer'><span>Organizational information security awareness<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219921[]' id='answer-id-876054' class='answer   answerof-219921 ' value='876054'   \/><label for='answer-id-876054' id='answer-label-876054' class=' answer'><span>Organizational culture<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-51' style=';'><div id='questionWrap-51'  class='   watupro-question-id-219922'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>51. <\/span>Which of the following is the MOST useful metric for determining how well firewall logs are being monitored?<\/div><input type='hidden' name='question_id[]' id='qID_51' value='219922' \/><input type='hidden' id='answerType219922' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219922[]' id='answer-id-876055' class='answer   answerof-219922 ' value='876055'   \/><label for='answer-id-876055' id='answer-label-876055' class=' answer'><span>The number of port scanning attempts<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219922[]' id='answer-id-876056' class='answer   answerof-219922 ' value='876056'   \/><label for='answer-id-876056' id='answer-label-876056' class=' answer'><span>The number of log entries reviewed<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219922[]' id='answer-id-876057' class='answer   answerof-219922 ' value='876057'   \/><label for='answer-id-876057' id='answer-label-876057' class=' answer'><span>The number of investigated alerts<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219922[]' id='answer-id-876058' class='answer   answerof-219922 ' value='876058'   \/><label for='answer-id-876058' id='answer-label-876058' class=' answer'><span>The number of dropped malformed packets<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-52' style=';'><div id='questionWrap-52'  class='   watupro-question-id-219923'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>52. <\/span>As part of an international expansion plan, an organization has acquired a company located in another jurisdiction. <br \/>\r<br>Which of the following would be the BEST way to maintain an effective information security program?<\/div><input type='hidden' name='question_id[]' id='qID_52' value='219923' \/><input type='hidden' id='answerType219923' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219923[]' id='answer-id-876059' class='answer   answerof-219923 ' value='876059'   \/><label for='answer-id-876059' id='answer-label-876059' class=' answer'><span>Determine new factors that could influence the information security strategy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219923[]' id='answer-id-876060' class='answer   answerof-219923 ' value='876060'   \/><label for='answer-id-876060' id='answer-label-876060' class=' answer'><span>Implement the current information security program in the acquired company.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219923[]' id='answer-id-876061' class='answer   answerof-219923 ' value='876061'   \/><label for='answer-id-876061' id='answer-label-876061' class=' answer'><span>Merge the two information security programs to establish continuity.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219923[]' id='answer-id-876062' class='answer   answerof-219923 ' value='876062'   \/><label for='answer-id-876062' id='answer-label-876062' class=' answer'><span>Ensure information security s included in any change control efforts<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-53' style=';'><div id='questionWrap-53'  class='   watupro-question-id-219924'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>53. <\/span>Which of the following is the MOST effective data loss control when connecting a personally owned mobile device to the corporate email system?<\/div><input type='hidden' name='question_id[]' id='qID_53' value='219924' \/><input type='hidden' id='answerType219924' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219924[]' id='answer-id-876063' class='answer   answerof-219924 ' value='876063'   \/><label for='answer-id-876063' id='answer-label-876063' class=' answer'><span>Users must agree to allow the mobile device to be wiped if it is lost<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219924[]' id='answer-id-876064' class='answer   answerof-219924 ' value='876064'   \/><label for='answer-id-876064' id='answer-label-876064' class=' answer'><span>Email must be stored in an encrypted format on the mobile device<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219924[]' id='answer-id-876065' class='answer   answerof-219924 ' value='876065'   \/><label for='answer-id-876065' id='answer-label-876065' class=' answer'><span>A senior manager must approve each new connection<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219924[]' id='answer-id-876066' class='answer   answerof-219924 ' value='876066'   \/><label for='answer-id-876066' id='answer-label-876066' class=' answer'><span>Email synchronization must be prevented when connected to a public Wi-Fi hotspot.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-54' style=';'><div id='questionWrap-54'  class='   watupro-question-id-219925'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>54. <\/span>An organization has implemented an enhanced password policy for business applications which requires significantly more business resource to support clients. <br \/>\r<br>The BEST approach to obtain the support of business management would be to:<\/div><input type='hidden' name='question_id[]' id='qID_54' value='219925' \/><input type='hidden' id='answerType219925' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219925[]' id='answer-id-876067' class='answer   answerof-219925 ' value='876067'   \/><label for='answer-id-876067' id='answer-label-876067' class=' answer'><span>Present an analysis of the cost and benefit of the changes<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219925[]' id='answer-id-876068' class='answer   answerof-219925 ' value='876068'   \/><label for='answer-id-876068' id='answer-label-876068' class=' answer'><span>Elaborate on the positive impact to information security<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219925[]' id='answer-id-876069' class='answer   answerof-219925 ' value='876069'   \/><label for='answer-id-876069' id='answer-label-876069' class=' answer'><span>Present industry benchmarking results to business units<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219925[]' id='answer-id-876070' class='answer   answerof-219925 ' value='876070'   \/><label for='answer-id-876070' id='answer-label-876070' class=' answer'><span>Discuss the risk and impact of security incidents if not implemented<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-55' style=';'><div id='questionWrap-55'  class='   watupro-question-id-219926'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>55. <\/span>Which of the following is the BEST resource for evaluating the strengths and weaknesses of an incident response plan?<\/div><input type='hidden' name='question_id[]' id='qID_55' value='219926' \/><input type='hidden' id='answerType219926' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219926[]' id='answer-id-876071' class='answer   answerof-219926 ' value='876071'   \/><label for='answer-id-876071' id='answer-label-876071' class=' answer'><span>Recovery time objectives (RTOs)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219926[]' id='answer-id-876072' class='answer   answerof-219926 ' value='876072'   \/><label for='answer-id-876072' id='answer-label-876072' class=' answer'><span>Mission, goals and objectives<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219926[]' id='answer-id-876073' class='answer   answerof-219926 ' value='876073'   \/><label for='answer-id-876073' id='answer-label-876073' class=' answer'><span>Incident response maturity assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219926[]' id='answer-id-876074' class='answer   answerof-219926 ' value='876074'   \/><label for='answer-id-876074' id='answer-label-876074' class=' answer'><span>Documentation from preparedness tests<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-56' style=';'><div id='questionWrap-56'  class='   watupro-question-id-219927'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>56. <\/span>Which of the following is the BEST way to demonstrate to senior management that organizational security practices comply with industry standards?<\/div><input type='hidden' name='question_id[]' id='qID_56' value='219927' \/><input type='hidden' id='answerType219927' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219927[]' id='answer-id-876075' class='answer   answerof-219927 ' value='876075'   \/><label for='answer-id-876075' id='answer-label-876075' class=' answer'><span>Existence of an industry-accepted framework<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219927[]' id='answer-id-876076' class='answer   answerof-219927 ' value='876076'   \/><label for='answer-id-876076' id='answer-label-876076' class=' answer'><span>Up-to-date policy and procedures documentation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219927[]' id='answer-id-876077' class='answer   answerof-219927 ' value='876077'   \/><label for='answer-id-876077' id='answer-label-876077' class=' answer'><span>A report on the maturity of controls<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219927[]' id='answer-id-876078' class='answer   answerof-219927 ' value='876078'   \/><label for='answer-id-876078' id='answer-label-876078' class=' answer'><span>Results of an independent assessment<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-57' style=';'><div id='questionWrap-57'  class='   watupro-question-id-219928'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>57. <\/span>Over the last year, an information security manager has performed risk assessments on multiple third-party vendors. <br \/>\r<br>Which of the following criteria would be MOST helpful in determining the associated level of risk applied to each vendor?<\/div><input type='hidden' name='question_id[]' id='qID_57' value='219928' \/><input type='hidden' id='answerType219928' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219928[]' id='answer-id-876079' class='answer   answerof-219928 ' value='876079'   \/><label for='answer-id-876079' id='answer-label-876079' class=' answer'><span>Criticality of the service to the organization<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219928[]' id='answer-id-876080' class='answer   answerof-219928 ' value='876080'   \/><label for='answer-id-876080' id='answer-label-876080' class=' answer'><span>Compliance requirements associated with the regulation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219928[]' id='answer-id-876081' class='answer   answerof-219928 ' value='876081'   \/><label for='answer-id-876081' id='answer-label-876081' class=' answer'><span>Compensating controls in place to protect information security<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219928[]' id='answer-id-876082' class='answer   answerof-219928 ' value='876082'   \/><label for='answer-id-876082' id='answer-label-876082' class=' answer'><span>Corresponding breaches associated with each vendor<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-58' style=';'><div id='questionWrap-58'  class='   watupro-question-id-219929'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>58. <\/span>After implementing an information security governance framework, which of the following would provide the BEST information to develop an information security project plan?<\/div><input type='hidden' name='question_id[]' id='qID_58' value='219929' \/><input type='hidden' id='answerType219929' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219929[]' id='answer-id-876083' class='answer   answerof-219929 ' value='876083'   \/><label for='answer-id-876083' id='answer-label-876083' class=' answer'><span>Risk heat map<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219929[]' id='answer-id-876084' class='answer   answerof-219929 ' value='876084'   \/><label for='answer-id-876084' id='answer-label-876084' class=' answer'><span>Recent audit results<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219929[]' id='answer-id-876085' class='answer   answerof-219929 ' value='876085'   \/><label for='answer-id-876085' id='answer-label-876085' class=' answer'><span>Balanced scorecard<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219929[]' id='answer-id-876086' class='answer   answerof-219929 ' value='876086'   \/><label for='answer-id-876086' id='answer-label-876086' class=' answer'><span>Gap analysis<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-59' style=';'><div id='questionWrap-59'  class='   watupro-question-id-219930'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>59. <\/span>Which of the following is the BEST method to defend against social engineering attacks?<\/div><input type='hidden' name='question_id[]' id='qID_59' value='219930' \/><input type='hidden' id='answerType219930' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219930[]' id='answer-id-876087' class='answer   answerof-219930 ' value='876087'   \/><label for='answer-id-876087' id='answer-label-876087' class=' answer'><span>Monitor for unauthorized access attempts and failed logins.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219930[]' id='answer-id-876088' class='answer   answerof-219930 ' value='876088'   \/><label for='answer-id-876088' id='answer-label-876088' class=' answer'><span>Employ the use of a web-content filtering solution.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219930[]' id='answer-id-876089' class='answer   answerof-219930 ' value='876089'   \/><label for='answer-id-876089' id='answer-label-876089' class=' answer'><span>Communicate guideline to limit information posted to public sites<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219930[]' id='answer-id-876090' class='answer   answerof-219930 ' value='876090'   \/><label for='answer-id-876090' id='answer-label-876090' class=' answer'><span>Periodically perform antivirus scans to identify malware<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-60' style=';'><div id='questionWrap-60'  class='   watupro-question-id-219931'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>60. <\/span>Which of the following would provide the MOST useful input when creating an information security program?<\/div><input type='hidden' name='question_id[]' id='qID_60' value='219931' \/><input type='hidden' id='answerType219931' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219931[]' id='answer-id-876091' class='answer   answerof-219931 ' value='876091'   \/><label for='answer-id-876091' id='answer-label-876091' class=' answer'><span>Business case<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219931[]' id='answer-id-876092' class='answer   answerof-219931 ' value='876092'   \/><label for='answer-id-876092' id='answer-label-876092' class=' answer'><span>Information security budget<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219931[]' id='answer-id-876093' class='answer   answerof-219931 ' value='876093'   \/><label for='answer-id-876093' id='answer-label-876093' class=' answer'><span>Key risk indicators (KRls)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219931[]' id='answer-id-876094' class='answer   answerof-219931 ' value='876094'   \/><label for='answer-id-876094' id='answer-label-876094' class=' answer'><span>Information security strategy<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-61' style=';'><div id='questionWrap-61'  class='   watupro-question-id-219932'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>61. <\/span>Which of the following is an information security manager\u2019s BEST course of action when informed of decision to reduce funding for the information security program?<\/div><input type='hidden' name='question_id[]' id='qID_61' value='219932' \/><input type='hidden' id='answerType219932' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219932[]' id='answer-id-876095' class='answer   answerof-219932 ' value='876095'   \/><label for='answer-id-876095' id='answer-label-876095' class=' answer'><span>Remove overlapping security controls<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219932[]' id='answer-id-876096' class='answer   answerof-219932 ' value='876096'   \/><label for='answer-id-876096' id='answer-label-876096' class=' answer'><span>Prioritize security projects based on risk.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219932[]' id='answer-id-876097' class='answer   answerof-219932 ' value='876097'   \/><label for='answer-id-876097' id='answer-label-876097' class=' answer'><span>Design key risk indicators (KRIs)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219932[]' id='answer-id-876098' class='answer   answerof-219932 ' value='876098'   \/><label for='answer-id-876098' id='answer-label-876098' class=' answer'><span>Create a business case appeal decision.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-62' style=';'><div id='questionWrap-62'  class='   watupro-question-id-219933'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>62. <\/span>Which of the following will BEST protect an organization against spear phishing?<\/div><input type='hidden' name='question_id[]' id='qID_62' value='219933' \/><input type='hidden' id='answerType219933' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219933[]' id='answer-id-876099' class='answer   answerof-219933 ' value='876099'   \/><label for='answer-id-876099' id='answer-label-876099' class=' answer'><span>Antivirus software<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219933[]' id='answer-id-876100' class='answer   answerof-219933 ' value='876100'   \/><label for='answer-id-876100' id='answer-label-876100' class=' answer'><span>Acceptable use policy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219933[]' id='answer-id-876101' class='answer   answerof-219933 ' value='876101'   \/><label for='answer-id-876101' id='answer-label-876101' class=' answer'><span>Email content filtering<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219933[]' id='answer-id-876102' class='answer   answerof-219933 ' value='876102'   \/><label for='answer-id-876102' id='answer-label-876102' class=' answer'><span>End-user training<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-63' style=';'><div id='questionWrap-63'  class='   watupro-question-id-219934'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>63. <\/span>Which of the following should be PRIMARILY included in a security training program for business process owners?<\/div><input type='hidden' name='question_id[]' id='qID_63' value='219934' \/><input type='hidden' id='answerType219934' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219934[]' id='answer-id-876103' class='answer   answerof-219934 ' value='876103'   \/><label for='answer-id-876103' id='answer-label-876103' class=' answer'><span>Application recovery time<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219934[]' id='answer-id-876104' class='answer   answerof-219934 ' value='876104'   \/><label for='answer-id-876104' id='answer-label-876104' class=' answer'><span>Impact of security risks<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219934[]' id='answer-id-876105' class='answer   answerof-219934 ' value='876105'   \/><label for='answer-id-876105' id='answer-label-876105' class=' answer'><span>Application vulnerabilities<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219934[]' id='answer-id-876106' class='answer   answerof-219934 ' value='876106'   \/><label for='answer-id-876106' id='answer-label-876106' class=' answer'><span>List of security incidents reported<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-64' style=';'><div id='questionWrap-64'  class='   watupro-question-id-219935'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>64. <\/span>Which of the following external entities would provide the BEST guideance to an organization facing advanced attacks?<\/div><input type='hidden' name='question_id[]' id='qID_64' value='219935' \/><input type='hidden' id='answerType219935' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219935[]' id='answer-id-876107' class='answer   answerof-219935 ' value='876107'   \/><label for='answer-id-876107' id='answer-label-876107' class=' answer'><span>Recognised threat intelligence communities<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219935[]' id='answer-id-876108' class='answer   answerof-219935 ' value='876108'   \/><label for='answer-id-876108' id='answer-label-876108' class=' answer'><span>Open-source reconnaissance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219935[]' id='answer-id-876109' class='answer   answerof-219935 ' value='876109'   \/><label for='answer-id-876109' id='answer-label-876109' class=' answer'><span>Disaster recovery consultants widely endorsed in industry forums<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219935[]' id='answer-id-876110' class='answer   answerof-219935 ' value='876110'   \/><label for='answer-id-876110' id='answer-label-876110' class=' answer'><span>Incident response experts from highly regarded peer organizations<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-65' style=';'><div id='questionWrap-65'  class='   watupro-question-id-219936'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>65. <\/span>Which of the following is a PRIMARY security responsibility of an information owner?<\/div><input type='hidden' name='question_id[]' id='qID_65' value='219936' \/><input type='hidden' id='answerType219936' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219936[]' id='answer-id-876111' class='answer   answerof-219936 ' value='876111'   \/><label for='answer-id-876111' id='answer-label-876111' class=' answer'><span>Testing information classification controls<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219936[]' id='answer-id-876112' class='answer   answerof-219936 ' value='876112'   \/><label for='answer-id-876112' id='answer-label-876112' class=' answer'><span>Determining the controls associated with information classification<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219936[]' id='answer-id-876113' class='answer   answerof-219936 ' value='876113'   \/><label for='answer-id-876113' id='answer-label-876113' class=' answer'><span>Maintaining the integrity of data in the information system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219936[]' id='answer-id-876114' class='answer   answerof-219936 ' value='876114'   \/><label for='answer-id-876114' id='answer-label-876114' class=' answer'><span>Deciding what level of classification the information requires<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-66' style=';'><div id='questionWrap-66'  class='   watupro-question-id-219937'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>66. <\/span>To ensure appropriate control of information processed in IT systems, security safeguards should be based PRIMARILY on:<\/div><input type='hidden' name='question_id[]' id='qID_66' value='219937' \/><input type='hidden' id='answerType219937' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219937[]' id='answer-id-876115' class='answer   answerof-219937 ' value='876115'   \/><label for='answer-id-876115' id='answer-label-876115' class=' answer'><span>criteria consistent with classification levels<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219937[]' id='answer-id-876116' class='answer   answerof-219937 ' value='876116'   \/><label for='answer-id-876116' id='answer-label-876116' class=' answer'><span>efficient technical processing considerations,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219937[]' id='answer-id-876117' class='answer   answerof-219937 ' value='876117'   \/><label for='answer-id-876117' id='answer-label-876117' class=' answer'><span>overall IT capacity and operational constraints,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219937[]' id='answer-id-876118' class='answer   answerof-219937 ' value='876118'   \/><label for='answer-id-876118' id='answer-label-876118' class=' answer'><span>established guidelines<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-67' style=';'><div id='questionWrap-67'  class='   watupro-question-id-219938'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>67. <\/span>Which of the following BEST enables an effective escalation process within an incident response program?<\/div><input type='hidden' name='question_id[]' id='qID_67' value='219938' \/><input type='hidden' id='answerType219938' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219938[]' id='answer-id-876119' class='answer   answerof-219938 ' value='876119'   \/><label for='answer-id-876119' id='answer-label-876119' class=' answer'><span>Dedicated funding for incident management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219938[]' id='answer-id-876120' class='answer   answerof-219938 ' value='876120'   \/><label for='answer-id-876120' id='answer-label-876120' class=' answer'><span>Adequate incident response staffing<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219938[]' id='answer-id-876121' class='answer   answerof-219938 ' value='876121'   \/><label for='answer-id-876121' id='answer-label-876121' class=' answer'><span>Monitored program metrics<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219938[]' id='answer-id-876122' class='answer   answerof-219938 ' value='876122'   \/><label for='answer-id-876122' id='answer-label-876122' class=' answer'><span>Defined incident thresholds<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-68' style=';'><div id='questionWrap-68'  class='   watupro-question-id-219939'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>68. <\/span>Which of the following activities BEST enables executive management to ensure value delivery within an information security program?<\/div><input type='hidden' name='question_id[]' id='qID_68' value='219939' \/><input type='hidden' id='answerType219939' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219939[]' id='answer-id-876123' class='answer   answerof-219939 ' value='876123'   \/><label for='answer-id-876123' id='answer-label-876123' class=' answer'><span>Requiring employees to undergo information security awareness training<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219939[]' id='answer-id-876124' class='answer   answerof-219939 ' value='876124'   \/><label for='answer-id-876124' id='answer-label-876124' class=' answer'><span>Assigning an information security manager to a senior management position<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219939[]' id='answer-id-876125' class='answer   answerof-219939 ' value='876125'   \/><label for='answer-id-876125' id='answer-label-876125' class=' answer'><span>Approving an industry-recognized information security framework<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219939[]' id='answer-id-876126' class='answer   answerof-219939 ' value='876126'   \/><label for='answer-id-876126' id='answer-label-876126' class=' answer'><span>Reviewing business cases for information security initiatives<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-69' style=';'><div id='questionWrap-69'  class='   watupro-question-id-219940'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>69. <\/span>Which of the following would present the GREATEST need to revise information security poll'<\/div><input type='hidden' name='question_id[]' id='qID_69' value='219940' \/><input type='hidden' id='answerType219940' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219940[]' id='answer-id-876127' class='answer   answerof-219940 ' value='876127'   \/><label for='answer-id-876127' id='answer-label-876127' class=' answer'><span>Implementation of a new firewall<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219940[]' id='answer-id-876128' class='answer   answerof-219940 ' value='876128'   \/><label for='answer-id-876128' id='answer-label-876128' class=' answer'><span>An increase in reported incidents<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219940[]' id='answer-id-876129' class='answer   answerof-219940 ' value='876129'   \/><label for='answer-id-876129' id='answer-label-876129' class=' answer'><span>A merger with a competing company<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219940[]' id='answer-id-876130' class='answer   answerof-219940 ' value='876130'   \/><label for='answer-id-876130' id='answer-label-876130' class=' answer'><span>Changes in standards and procedures<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-70' style=';'><div id='questionWrap-70'  class='   watupro-question-id-219941'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>70. <\/span>During which phase of an incident response process should corrective actions to the response procedure be considered and implemented?<\/div><input type='hidden' name='question_id[]' id='qID_70' value='219941' \/><input type='hidden' id='answerType219941' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219941[]' id='answer-id-876131' class='answer   answerof-219941 ' value='876131'   \/><label for='answer-id-876131' id='answer-label-876131' class=' answer'><span>Review<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219941[]' id='answer-id-876132' class='answer   answerof-219941 ' value='876132'   \/><label for='answer-id-876132' id='answer-label-876132' class=' answer'><span>Identification<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219941[]' id='answer-id-876133' class='answer   answerof-219941 ' value='876133'   \/><label for='answer-id-876133' id='answer-label-876133' class=' answer'><span>Eradication<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219941[]' id='answer-id-876134' class='answer   answerof-219941 ' value='876134'   \/><label for='answer-id-876134' id='answer-label-876134' class=' answer'><span>Containment<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-71' style=';'><div id='questionWrap-71'  class='   watupro-question-id-219942'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>71. <\/span>The PRIMARY benefit of integrating information security activities into change management processes is to:<\/div><input type='hidden' name='question_id[]' id='qID_71' value='219942' \/><input type='hidden' id='answerType219942' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219942[]' id='answer-id-876135' class='answer   answerof-219942 ' value='876135'   \/><label for='answer-id-876135' id='answer-label-876135' class=' answer'><span>provide greater accountability for security-related changes In the business<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219942[]' id='answer-id-876136' class='answer   answerof-219942 ' value='876136'   \/><label for='answer-id-876136' id='answer-label-876136' class=' answer'><span>protect the organization from unauthorized changes.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219942[]' id='answer-id-876137' class='answer   answerof-219942 ' value='876137'   \/><label for='answer-id-876137' id='answer-label-876137' class=' answer'><span>protect the business from collusion and compliance threats.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219942[]' id='answer-id-876138' class='answer   answerof-219942 ' value='876138'   \/><label for='answer-id-876138' id='answer-label-876138' class=' answer'><span>ensure required controls are Included in changes.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-72' style=';'><div id='questionWrap-72'  class='   watupro-question-id-219943'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>72. <\/span>Within a security governance framework, which of the following is the MOST important characteristic of the information security committee? The committee:<\/div><input type='hidden' name='question_id[]' id='qID_72' value='219943' \/><input type='hidden' id='answerType219943' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219943[]' id='answer-id-876139' class='answer   answerof-219943 ' value='876139'   \/><label for='answer-id-876139' id='answer-label-876139' class=' answer'><span>has a clearly defined charier and meeting protocols.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219943[]' id='answer-id-876140' class='answer   answerof-219943 ' value='876140'   \/><label for='answer-id-876140' id='answer-label-876140' class=' answer'><span>includes a mix of members from all levels of management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219943[]' id='answer-id-876141' class='answer   answerof-219943 ' value='876141'   \/><label for='answer-id-876141' id='answer-label-876141' class=' answer'><span>conducts frequent reviews of the security policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219943[]' id='answer-id-876142' class='answer   answerof-219943 ' value='876142'   \/><label for='answer-id-876142' id='answer-label-876142' class=' answer'><span>has established relationships with external professionals.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-73' style=';'><div id='questionWrap-73'  class='   watupro-question-id-219944'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>73. <\/span>Which of the following is an information security manager's BEST course of action to address a significant materialized risk that was not prevented by organizational controls?<\/div><input type='hidden' name='question_id[]' id='qID_73' value='219944' \/><input type='hidden' id='answerType219944' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219944[]' id='answer-id-876143' class='answer   answerof-219944 ' value='876143'   \/><label for='answer-id-876143' id='answer-label-876143' class=' answer'><span>Update the business impact analysis (BIA)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219944[]' id='answer-id-876144' class='answer   answerof-219944 ' value='876144'   \/><label for='answer-id-876144' id='answer-label-876144' class=' answer'><span>Update the risk register.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219944[]' id='answer-id-876145' class='answer   answerof-219944 ' value='876145'   \/><label for='answer-id-876145' id='answer-label-876145' class=' answer'><span>Perform root cause analysis.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219944[]' id='answer-id-876146' class='answer   answerof-219944 ' value='876146'   \/><label for='answer-id-876146' id='answer-label-876146' class=' answer'><span>Invoke the incident response plan.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-74' style=';'><div id='questionWrap-74'  class='   watupro-question-id-219945'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>74. <\/span>Which of the following control type is the FIRST consideration for aligning employee behavior with an organization\u2019s information security objectives?<\/div><input type='hidden' name='question_id[]' id='qID_74' value='219945' \/><input type='hidden' id='answerType219945' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219945[]' id='answer-id-876147' class='answer   answerof-219945 ' value='876147'   \/><label for='answer-id-876147' id='answer-label-876147' class=' answer'><span>Physical security control<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219945[]' id='answer-id-876148' class='answer   answerof-219945 ' value='876148'   \/><label for='answer-id-876148' id='answer-label-876148' class=' answer'><span>Directive security<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219945[]' id='answer-id-876149' class='answer   answerof-219945 ' value='876149'   \/><label for='answer-id-876149' id='answer-label-876149' class=' answer'><span>Technical security controls<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219945[]' id='answer-id-876150' class='answer   answerof-219945 ' value='876150'   \/><label for='answer-id-876150' id='answer-label-876150' class=' answer'><span>Logical access control<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-75' style=';'><div id='questionWrap-75'  class='   watupro-question-id-219946'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>75. <\/span>Which of the following would BEST justify spending for a compensating control?<\/div><input type='hidden' name='question_id[]' id='qID_75' value='219946' \/><input type='hidden' id='answerType219946' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219946[]' id='answer-id-876151' class='answer   answerof-219946 ' value='876151'   \/><label for='answer-id-876151' id='answer-label-876151' class=' answer'><span>Risk analysis<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219946[]' id='answer-id-876152' class='answer   answerof-219946 ' value='876152'   \/><label for='answer-id-876152' id='answer-label-876152' class=' answer'><span>Vulnerability analysis<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219946[]' id='answer-id-876153' class='answer   answerof-219946 ' value='876153'   \/><label for='answer-id-876153' id='answer-label-876153' class=' answer'><span>Threats analysis<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219946[]' id='answer-id-876154' class='answer   answerof-219946 ' value='876154'   \/><label for='answer-id-876154' id='answer-label-876154' class=' answer'><span>Peer benchmarking<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-76' style=';'><div id='questionWrap-76'  class='   watupro-question-id-219947'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>76. <\/span>To gain a clear understanding of the impact that a new regulatory will have on an organization\u2019s security control, an information manager should FIRST.<\/div><input type='hidden' name='question_id[]' id='qID_76' value='219947' \/><input type='hidden' id='answerType219947' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219947[]' id='answer-id-876155' class='answer   answerof-219947 ' value='876155'   \/><label for='answer-id-876155' id='answer-label-876155' class=' answer'><span>Conduct a risk assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219947[]' id='answer-id-876156' class='answer   answerof-219947 ' value='876156'   \/><label for='answer-id-876156' id='answer-label-876156' class=' answer'><span>Interview senior management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219947[]' id='answer-id-876157' class='answer   answerof-219947 ' value='876157'   \/><label for='answer-id-876157' id='answer-label-876157' class=' answer'><span>Perform a gap analysis<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219947[]' id='answer-id-876158' class='answer   answerof-219947 ' value='876158'   \/><label for='answer-id-876158' id='answer-label-876158' class=' answer'><span>Conduct a cost-benefit analysis<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-77' style=';'><div id='questionWrap-77'  class='   watupro-question-id-219948'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>77. <\/span>An emergency change was made to an IT system as a result of a failure. <br \/>\r<br>Which of the following should be of GREATEST concern to the organizations information security manager?<\/div><input type='hidden' name='question_id[]' id='qID_77' value='219948' \/><input type='hidden' id='answerType219948' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219948[]' id='answer-id-876159' class='answer   answerof-219948 ' value='876159'   \/><label for='answer-id-876159' id='answer-label-876159' class=' answer'><span>The change did not include a proper assessment of risk.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219948[]' id='answer-id-876160' class='answer   answerof-219948 ' value='876160'   \/><label for='answer-id-876160' id='answer-label-876160' class=' answer'><span>Documentation of the change was made after implementation.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219948[]' id='answer-id-876161' class='answer   answerof-219948 ' value='876161'   \/><label for='answer-id-876161' id='answer-label-876161' class=' answer'><span>The operations team implemented the change without regression testing,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219948[]' id='answer-id-876162' class='answer   answerof-219948 ' value='876162'   \/><label for='answer-id-876162' id='answer-label-876162' class=' answer'><span>The information security manager did not review the change prior to implementation.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-78' style=';'><div id='questionWrap-78'  class='   watupro-question-id-219949'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>78. <\/span>The PRIMARY purpose of vulnerability assessments is to:<\/div><input type='hidden' name='question_id[]' id='qID_78' value='219949' \/><input type='hidden' id='answerType219949' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219949[]' id='answer-id-876163' class='answer   answerof-219949 ' value='876163'   \/><label for='answer-id-876163' id='answer-label-876163' class=' answer'><span>provide clear evidence that the system is sufficiently secure.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219949[]' id='answer-id-876164' class='answer   answerof-219949 ' value='876164'   \/><label for='answer-id-876164' id='answer-label-876164' class=' answer'><span>test intrusion detection systems (IDS) and response procedures<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219949[]' id='answer-id-876165' class='answer   answerof-219949 ' value='876165'   \/><label for='answer-id-876165' id='answer-label-876165' class=' answer'><span>detect deficiencies that could lead to a system compromise.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219949[]' id='answer-id-876166' class='answer   answerof-219949 ' value='876166'   \/><label for='answer-id-876166' id='answer-label-876166' class=' answer'><span>determine the impact of potential threats,<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-79' style=';'><div id='questionWrap-79'  class='   watupro-question-id-219950'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>79. <\/span>A business unit uses e-commerce with a strong password policy. Many customers complain that they cannot remember their password because they are too long and complex. The business unit states it is imperative to improve the customer experience. The information security manager should FIRST.<\/div><input type='hidden' name='question_id[]' id='qID_79' value='219950' \/><input type='hidden' id='answerType219950' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219950[]' id='answer-id-876167' class='answer   answerof-219950 ' value='876167'   \/><label for='answer-id-876167' id='answer-label-876167' class=' answer'><span>Change the password policy to improve the customer experience<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219950[]' id='answer-id-876168' class='answer   answerof-219950 ' value='876168'   \/><label for='answer-id-876168' id='answer-label-876168' class=' answer'><span>Reach alternative secure of identify verification<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219950[]' id='answer-id-876169' class='answer   answerof-219950 ' value='876169'   \/><label for='answer-id-876169' id='answer-label-876169' class=' answer'><span>Recommended implementing two-factor authentication.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219950[]' id='answer-id-876170' class='answer   answerof-219950 ' value='876170'   \/><label for='answer-id-876170' id='answer-label-876170' class=' answer'><span>Evaluate the impact of the customer\u2019s experience on business revenue.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-80' style=';'><div id='questionWrap-80'  class='   watupro-question-id-219951'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>80. <\/span>Before final acceptance of residual risk, what is the BEST way for an information security manager to address risk factors determined to be lower than acceptable risk levels?<\/div><input type='hidden' name='question_id[]' id='qID_80' value='219951' \/><input type='hidden' id='answerType219951' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219951[]' id='answer-id-876171' class='answer   answerof-219951 ' value='876171'   \/><label for='answer-id-876171' id='answer-label-876171' class=' answer'><span>Implement more stringent countermeasures.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219951[]' id='answer-id-876172' class='answer   answerof-219951 ' value='876172'   \/><label for='answer-id-876172' id='answer-label-876172' class=' answer'><span>Evaluate whether an excessive level of control is being applied.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219951[]' id='answer-id-876173' class='answer   answerof-219951 ' value='876173'   \/><label for='answer-id-876173' id='answer-label-876173' class=' answer'><span>Ask senior management to increase the acceptable risk levels<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219951[]' id='answer-id-876174' class='answer   answerof-219951 ' value='876174'   \/><label for='answer-id-876174' id='answer-label-876174' class=' answer'><span>Ask senior management to lower the acceptable risk levels.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-81' style=';'><div id='questionWrap-81'  class='   watupro-question-id-219952'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>81. <\/span>Which of the following is the MOST effective defense against spear phishing attacks?<\/div><input type='hidden' name='question_id[]' id='qID_81' value='219952' \/><input type='hidden' id='answerType219952' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219952[]' id='answer-id-876175' class='answer   answerof-219952 ' value='876175'   \/><label for='answer-id-876175' id='answer-label-876175' class=' answer'><span>Unified threat management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219952[]' id='answer-id-876176' class='answer   answerof-219952 ' value='876176'   \/><label for='answer-id-876176' id='answer-label-876176' class=' answer'><span>Web filtering<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219952[]' id='answer-id-876177' class='answer   answerof-219952 ' value='876177'   \/><label for='answer-id-876177' id='answer-label-876177' class=' answer'><span>Anti-spam solution<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219952[]' id='answer-id-876178' class='answer   answerof-219952 ' value='876178'   \/><label for='answer-id-876178' id='answer-label-876178' class=' answer'><span>User awareness training<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-82' style=';'><div id='questionWrap-82'  class='   watupro-question-id-219953'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>82. <\/span>Which of the following provides the MOST relevant evidence of incident response maturity?<\/div><input type='hidden' name='question_id[]' id='qID_82' value='219953' \/><input type='hidden' id='answerType219953' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219953[]' id='answer-id-876179' class='answer   answerof-219953 ' value='876179'   \/><label for='answer-id-876179' id='answer-label-876179' class=' answer'><span>Red team testing results<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219953[]' id='answer-id-876180' class='answer   answerof-219953 ' value='876180'   \/><label for='answer-id-876180' id='answer-label-876180' class=' answer'><span>Average incident closure time<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219953[]' id='answer-id-876181' class='answer   answerof-219953 ' value='876181'   \/><label for='answer-id-876181' id='answer-label-876181' class=' answer'><span>Independent audit assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219953[]' id='answer-id-876182' class='answer   answerof-219953 ' value='876182'   \/><label for='answer-id-876182' id='answer-label-876182' class=' answer'><span>Tabletop exercise results<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-83' style=';'><div id='questionWrap-83'  class='   watupro-question-id-219954'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>83. <\/span>Relying on which of the following methods when detecting new threats using IDS should be of MOST concern?<\/div><input type='hidden' name='question_id[]' id='qID_83' value='219954' \/><input type='hidden' id='answerType219954' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219954[]' id='answer-id-876183' class='answer   answerof-219954 ' value='876183'   \/><label for='answer-id-876183' id='answer-label-876183' class=' answer'><span>Statistical pattern recognition<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219954[]' id='answer-id-876184' class='answer   answerof-219954 ' value='876184'   \/><label for='answer-id-876184' id='answer-label-876184' class=' answer'><span>Attack signatures<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219954[]' id='answer-id-876185' class='answer   answerof-219954 ' value='876185'   \/><label for='answer-id-876185' id='answer-label-876185' class=' answer'><span>Heuristic analysis<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219954[]' id='answer-id-876186' class='answer   answerof-219954 ' value='876186'   \/><label for='answer-id-876186' id='answer-label-876186' class=' answer'><span>Traffic analysis<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-84' style=';'><div id='questionWrap-84'  class='   watupro-question-id-219955'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>84. <\/span>Which is MOST important to enable a timely response to a security breach?<\/div><input type='hidden' name='question_id[]' id='qID_84' value='219955' \/><input type='hidden' id='answerType219955' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219955[]' id='answer-id-876187' class='answer   answerof-219955 ' value='876187'   \/><label for='answer-id-876187' id='answer-label-876187' class=' answer'><span>Knowledge sharing and collaboration<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219955[]' id='answer-id-876188' class='answer   answerof-219955 ' value='876188'   \/><label for='answer-id-876188' id='answer-label-876188' class=' answer'><span>Security event logging<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219955[]' id='answer-id-876189' class='answer   answerof-219955 ' value='876189'   \/><label for='answer-id-876189' id='answer-label-876189' class=' answer'><span>Roles and responsibilities<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219955[]' id='answer-id-876190' class='answer   answerof-219955 ' value='876190'   \/><label for='answer-id-876190' id='answer-label-876190' class=' answer'><span>Forensic analysis<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-85' style=';'><div id='questionWrap-85'  class='   watupro-question-id-219956'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>85. <\/span>Which of the following is the BEST way to increase the visibility of information security within an organization's culture?<\/div><input type='hidden' name='question_id[]' id='qID_85' value='219956' \/><input type='hidden' id='answerType219956' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219956[]' id='answer-id-876191' class='answer   answerof-219956 ' value='876191'   \/><label for='answer-id-876191' id='answer-label-876191' class=' answer'><span>Requiring cross-functional information security training<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219956[]' id='answer-id-876192' class='answer   answerof-219956 ' value='876192'   \/><label for='answer-id-876192' id='answer-label-876192' class=' answer'><span>Implementing user awareness campaigns for the entire company<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219956[]' id='answer-id-876193' class='answer   answerof-219956 ' value='876193'   \/><label for='answer-id-876193' id='answer-label-876193' class=' answer'><span>Publishing an acceptable use policy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219956[]' id='answer-id-876194' class='answer   answerof-219956 ' value='876194'   \/><label for='answer-id-876194' id='answer-label-876194' class=' answer'><span>Establishing security policies based on industry standards<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-86' style=';'><div id='questionWrap-86'  class='   watupro-question-id-219957'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>86. <\/span>After a server has been attacked, which of the following is the BEST course of action?<\/div><input type='hidden' name='question_id[]' id='qID_86' value='219957' \/><input type='hidden' id='answerType219957' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219957[]' id='answer-id-876195' class='answer   answerof-219957 ' value='876195'   \/><label for='answer-id-876195' id='answer-label-876195' class=' answer'><span>Review vulnerability assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219957[]' id='answer-id-876196' class='answer   answerof-219957 ' value='876196'   \/><label for='answer-id-876196' id='answer-label-876196' class=' answer'><span>Conduct a security audit<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219957[]' id='answer-id-876197' class='answer   answerof-219957 ' value='876197'   \/><label for='answer-id-876197' id='answer-label-876197' class=' answer'><span>Initiate modem response<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219957[]' id='answer-id-876198' class='answer   answerof-219957 ' value='876198'   \/><label for='answer-id-876198' id='answer-label-876198' class=' answer'><span>Isolate the system.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-87' style=';'><div id='questionWrap-87'  class='   watupro-question-id-219958'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>87. <\/span>Which of the following is the MOST important driver when developing an effective information security strategy?<\/div><input type='hidden' name='question_id[]' id='qID_87' value='219958' \/><input type='hidden' id='answerType219958' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219958[]' id='answer-id-876199' class='answer   answerof-219958 ' value='876199'   \/><label for='answer-id-876199' id='answer-label-876199' class=' answer'><span>Information security standards<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219958[]' id='answer-id-876200' class='answer   answerof-219958 ' value='876200'   \/><label for='answer-id-876200' id='answer-label-876200' class=' answer'><span>Compliance requirements<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219958[]' id='answer-id-876201' class='answer   answerof-219958 ' value='876201'   \/><label for='answer-id-876201' id='answer-label-876201' class=' answer'><span>Security audit reports<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219958[]' id='answer-id-876202' class='answer   answerof-219958 ' value='876202'   \/><label for='answer-id-876202' id='answer-label-876202' class=' answer'><span>Benchmarking reports<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-88' style=';'><div id='questionWrap-88'  class='   watupro-question-id-219959'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>88. <\/span>An information security manager is reviewing the impact of a regulation on the organization\u2019s human resources system. <br \/>\r<br>The NEXT course of action should be to:<\/div><input type='hidden' name='question_id[]' id='qID_88' value='219959' \/><input type='hidden' id='answerType219959' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219959[]' id='answer-id-876203' class='answer   answerof-219959 ' value='876203'   \/><label for='answer-id-876203' id='answer-label-876203' class=' answer'><span>perform a gap analysis of compliance requirements<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219959[]' id='answer-id-876204' class='answer   answerof-219959 ' value='876204'   \/><label for='answer-id-876204' id='answer-label-876204' class=' answer'><span>assess the penalties for noncompliance.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219959[]' id='answer-id-876205' class='answer   answerof-219959 ' value='876205'   \/><label for='answer-id-876205' id='answer-label-876205' class=' answer'><span>review the organization s most recent audit report<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219959[]' id='answer-id-876206' class='answer   answerof-219959 ' value='876206'   \/><label for='answer-id-876206' id='answer-label-876206' class=' answer'><span>determine the cost of compliance<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-89' style=';'><div id='questionWrap-89'  class='   watupro-question-id-219960'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>89. <\/span>Which of the following is the MOST important outcome from vulnerability scanning?<\/div><input type='hidden' name='question_id[]' id='qID_89' value='219960' \/><input type='hidden' id='answerType219960' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219960[]' id='answer-id-876207' class='answer   answerof-219960 ' value='876207'   \/><label for='answer-id-876207' id='answer-label-876207' class=' answer'><span>Prioritization of risks<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219960[]' id='answer-id-876208' class='answer   answerof-219960 ' value='876208'   \/><label for='answer-id-876208' id='answer-label-876208' class=' answer'><span>Information about steps necessary to hack the system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219960[]' id='answer-id-876209' class='answer   answerof-219960 ' value='876209'   \/><label for='answer-id-876209' id='answer-label-876209' class=' answer'><span>Identification of back doors<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219960[]' id='answer-id-876210' class='answer   answerof-219960 ' value='876210'   \/><label for='answer-id-876210' id='answer-label-876210' class=' answer'><span>Verification that systems are property configured<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-90' style=';'><div id='questionWrap-90'  class='   watupro-question-id-219961'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>90. <\/span>Which of the following would provide nonrepudiation of electronic transactions?<\/div><input type='hidden' name='question_id[]' id='qID_90' value='219961' \/><input type='hidden' id='answerType219961' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219961[]' id='answer-id-876211' class='answer   answerof-219961 ' value='876211'   \/><label for='answer-id-876211' id='answer-label-876211' class=' answer'><span>Two-factor authentication<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219961[]' id='answer-id-876212' class='answer   answerof-219961 ' value='876212'   \/><label for='answer-id-876212' id='answer-label-876212' class=' answer'><span>Periodic reaccredinations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219961[]' id='answer-id-876213' class='answer   answerof-219961 ' value='876213'   \/><label for='answer-id-876213' id='answer-label-876213' class=' answer'><span>Third-party certificates<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219961[]' id='answer-id-876214' class='answer   answerof-219961 ' value='876214'   \/><label for='answer-id-876214' id='answer-label-876214' class=' answer'><span>Receipt acknowledgment<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-91' style=';'><div id='questionWrap-91'  class='   watupro-question-id-219962'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>91. <\/span>A multinational organization wants to ensure its privacy program appropriately addresses privacy risk throughout its operations. <br \/>\r<br>Which of the following would be of MOST concern to senior management?<\/div><input type='hidden' name='question_id[]' id='qID_91' value='219962' \/><input type='hidden' id='answerType219962' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219962[]' id='answer-id-876215' class='answer   answerof-219962 ' value='876215'   \/><label for='answer-id-876215' id='answer-label-876215' class=' answer'><span>The organization uses a decentralized privacy governance structure<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219962[]' id='answer-id-876216' class='answer   answerof-219962 ' value='876216'   \/><label for='answer-id-876216' id='answer-label-876216' class=' answer'><span>Privacy policies ire only reviewed annually<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219962[]' id='answer-id-876217' class='answer   answerof-219962 ' value='876217'   \/><label for='answer-id-876217' id='answer-label-876217' class=' answer'><span>The organization doe* not have a dedicated privacy officer<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219962[]' id='answer-id-876218' class='answer   answerof-219962 ' value='876218'   \/><label for='answer-id-876218' id='answer-label-876218' class=' answer'><span>The privacy program does not include a formal warning component<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-92' style=';'><div id='questionWrap-92'  class='   watupro-question-id-219963'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>92. <\/span>Executive management is considering outsourcing all IT operations. <br \/>\r<br>Which of the following functions should remain internal?<\/div><input type='hidden' name='question_id[]' id='qID_92' value='219963' \/><input type='hidden' id='answerType219963' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219963[]' id='answer-id-876219' class='answer   answerof-219963 ' value='876219'   \/><label for='answer-id-876219' id='answer-label-876219' class=' answer'><span>Data encryption<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219963[]' id='answer-id-876220' class='answer   answerof-219963 ' value='876220'   \/><label for='answer-id-876220' id='answer-label-876220' class=' answer'><span>Data ownership<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219963[]' id='answer-id-876221' class='answer   answerof-219963 ' value='876221'   \/><label for='answer-id-876221' id='answer-label-876221' class=' answer'><span>Data custodian<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219963[]' id='answer-id-876222' class='answer   answerof-219963 ' value='876222'   \/><label for='answer-id-876222' id='answer-label-876222' class=' answer'><span>Data monitoring<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-93' style=';'><div id='questionWrap-93'  class='   watupro-question-id-219964'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>93. <\/span>Which of the following metrics is MOST useful to demonstrate the effectiveness of an incident response plan?<\/div><input type='hidden' name='question_id[]' id='qID_93' value='219964' \/><input type='hidden' id='answerType219964' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219964[]' id='answer-id-876223' class='answer   answerof-219964 ' value='876223'   \/><label for='answer-id-876223' id='answer-label-876223' class=' answer'><span>Average time to resolve an incident<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219964[]' id='answer-id-876224' class='answer   answerof-219964 ' value='876224'   \/><label for='answer-id-876224' id='answer-label-876224' class=' answer'><span>Total number of reported incidents<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219964[]' id='answer-id-876225' class='answer   answerof-219964 ' value='876225'   \/><label for='answer-id-876225' id='answer-label-876225' class=' answer'><span>Total number of incident responses<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219964[]' id='answer-id-876226' class='answer   answerof-219964 ' value='876226'   \/><label for='answer-id-876226' id='answer-label-876226' class=' answer'><span>Average time to respond to an incident<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-94' style=';'><div id='questionWrap-94'  class='   watupro-question-id-219965'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>94. <\/span>Senior management has approved employees working off-site by using a virtual private network (VPN) connection. <br \/>\r<br>It is MOST important for the information security manager to periodically:<\/div><input type='hidden' name='question_id[]' id='qID_94' value='219965' \/><input type='hidden' id='answerType219965' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219965[]' id='answer-id-876227' class='answer   answerof-219965 ' value='876227'   \/><label for='answer-id-876227' id='answer-label-876227' class=' answer'><span>perform a cost-benefit analysis.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219965[]' id='answer-id-876228' class='answer   answerof-219965 ' value='876228'   \/><label for='answer-id-876228' id='answer-label-876228' class=' answer'><span>perform a risk assessment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219965[]' id='answer-id-876229' class='answer   answerof-219965 ' value='876229'   \/><label for='answer-id-876229' id='answer-label-876229' class=' answer'><span>review firewall configuration.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219965[]' id='answer-id-876230' class='answer   answerof-219965 ' value='876230'   \/><label for='answer-id-876230' id='answer-label-876230' class=' answer'><span>review the security policy.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-95' style=';'><div id='questionWrap-95'  class='   watupro-question-id-219966'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>95. <\/span>The success of a computer forensic investigation depends on the concept of:<\/div><input type='hidden' name='question_id[]' id='qID_95' value='219966' \/><input type='hidden' id='answerType219966' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219966[]' id='answer-id-876231' class='answer   answerof-219966 ' value='876231'   \/><label for='answer-id-876231' id='answer-label-876231' class=' answer'><span>chain of evidence.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219966[]' id='answer-id-876232' class='answer   answerof-219966 ' value='876232'   \/><label for='answer-id-876232' id='answer-label-876232' class=' answer'><span>chain of attack.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219966[]' id='answer-id-876233' class='answer   answerof-219966 ' value='876233'   \/><label for='answer-id-876233' id='answer-label-876233' class=' answer'><span>forensic chain<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219966[]' id='answer-id-876234' class='answer   answerof-219966 ' value='876234'   \/><label for='answer-id-876234' id='answer-label-876234' class=' answer'><span>evidence of attack.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-96' style=';'><div id='questionWrap-96'  class='   watupro-question-id-219967'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>96. <\/span>Which of the following activities should take place FIRST when a security patch for Internet software is received from a vendor?<\/div><input type='hidden' name='question_id[]' id='qID_96' value='219967' \/><input type='hidden' id='answerType219967' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219967[]' id='answer-id-876235' class='answer   answerof-219967 ' value='876235'   \/><label for='answer-id-876235' id='answer-label-876235' class=' answer'><span>The patch should be applied to critical systems.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219967[]' id='answer-id-876236' class='answer   answerof-219967 ' value='876236'   \/><label for='answer-id-876236' id='answer-label-876236' class=' answer'><span>The patch should be validated using a hash algorithm.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219967[]' id='answer-id-876237' class='answer   answerof-219967 ' value='876237'   \/><label for='answer-id-876237' id='answer-label-876237' class=' answer'><span>The patch should be evaluated in a testing environment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219967[]' id='answer-id-876238' class='answer   answerof-219967 ' value='876238'   \/><label for='answer-id-876238' id='answer-label-876238' class=' answer'><span>The patch should be deployed quickly to systems that are vulnerable.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-97' style=';'><div id='questionWrap-97'  class='   watupro-question-id-219968'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>97. <\/span>Which of the following will BEST help to ensure security is addressed when developing a custom application?<\/div><input type='hidden' name='question_id[]' id='qID_97' value='219968' \/><input type='hidden' id='answerType219968' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219968[]' id='answer-id-876239' class='answer   answerof-219968 ' value='876239'   \/><label for='answer-id-876239' id='answer-label-876239' class=' answer'><span>Conducting security training for the development staff<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219968[]' id='answer-id-876240' class='answer   answerof-219968 ' value='876240'   \/><label for='answer-id-876240' id='answer-label-876240' class=' answer'><span>Integrating security requirements into the development process<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219968[]' id='answer-id-876241' class='answer   answerof-219968 ' value='876241'   \/><label for='answer-id-876241' id='answer-label-876241' class=' answer'><span>Requiring a security assessment before implementation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219968[]' id='answer-id-876242' class='answer   answerof-219968 ' value='876242'   \/><label for='answer-id-876242' id='answer-label-876242' class=' answer'><span>Integrating a security audit throughout the development process<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-98' style=';'><div id='questionWrap-98'  class='   watupro-question-id-219969'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>98. <\/span>Due lo budget constraints, an internal IT application does not include the necessary controls to meet a client service level agreement (SLA). <br \/>\r<br>Which of the following is the information security manager's BEST course of action?<\/div><input type='hidden' name='question_id[]' id='qID_98' value='219969' \/><input type='hidden' id='answerType219969' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219969[]' id='answer-id-876243' class='answer   answerof-219969 ' value='876243'   \/><label for='answer-id-876243' id='answer-label-876243' class=' answer'><span>Inform the legal department of the deficiency<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219969[]' id='answer-id-876244' class='answer   answerof-219969 ' value='876244'   \/><label for='answer-id-876244' id='answer-label-876244' class=' answer'><span>Analyze and report the issue to server management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219969[]' id='answer-id-876245' class='answer   answerof-219969 ' value='876245'   \/><label for='answer-id-876245' id='answer-label-876245' class=' answer'><span>Require the application owner to implement the controls.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219969[]' id='answer-id-876246' class='answer   answerof-219969 ' value='876246'   \/><label for='answer-id-876246' id='answer-label-876246' class=' answer'><span>Assess and present the risks to the application owner<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-99' style=';'><div id='questionWrap-99'  class='   watupro-question-id-219970'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>99. <\/span>Which of the following is MOST critical to review when preparing to outsource a data repository to a cloud-based solution?<\/div><input type='hidden' name='question_id[]' id='qID_99' value='219970' \/><input type='hidden' id='answerType219970' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219970[]' id='answer-id-876247' class='answer   answerof-219970 ' value='876247'   \/><label for='answer-id-876247' id='answer-label-876247' class=' answer'><span>Disaster recovery plan<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219970[]' id='answer-id-876248' class='answer   answerof-219970 ' value='876248'   \/><label for='answer-id-876248' id='answer-label-876248' class=' answer'><span>Identity and access management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219970[]' id='answer-id-876249' class='answer   answerof-219970 ' value='876249'   \/><label for='answer-id-876249' id='answer-label-876249' class=' answer'><span>Vendor\u2019s information security policy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219970[]' id='answer-id-876250' class='answer   answerof-219970 ' value='876250'   \/><label for='answer-id-876250' id='answer-label-876250' class=' answer'><span>A risk assessment<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-100' style=';'><div id='questionWrap-100'  class='   watupro-question-id-219971'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>100. <\/span>When developing a new application, which of the following is the BEST approach to ensure compliance with security requirements?<\/div><input type='hidden' name='question_id[]' id='qID_100' value='219971' \/><input type='hidden' id='answerType219971' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219971[]' id='answer-id-876251' class='answer   answerof-219971 ' value='876251'   \/><label for='answer-id-876251' id='answer-label-876251' class=' answer'><span>Provide security training for developers.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219971[]' id='answer-id-876252' class='answer   answerof-219971 ' value='876252'   \/><label for='answer-id-876252' id='answer-label-876252' class=' answer'><span>Prepare detailed acceptance criteria<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219971[]' id='answer-id-876253' class='answer   answerof-219971 ' value='876253'   \/><label for='answer-id-876253' id='answer-label-876253' class=' answer'><span>Adhere to change management processes.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-219971[]' id='answer-id-876254' class='answer   answerof-219971 ' value='876254'   \/><label for='answer-id-876254' id='answer-label-876254' class=' answer'><span>Perform a security gap analysis.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div style='display:none' id='question-101'>\n\t<div class='question-content'>\n\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\" alt=\"Loading...\" title=\"Loading...\" \/>&nbsp;Loading...\t<\/div>\n<\/div>\n\n<br \/>\n\t\n\t\t\t<div class=\"watupro_buttons flex \" id=\"watuPROButtons6289\" >\n\t\t  <div id=\"prev-question\" style=\"display:none;\"><input type=\"button\" value=\"&lt; Previous\" onclick=\"WatuPRO.nextQuestion(event, 'previous');\"\/><\/div>\t\t  \t\t  \t\t   \n\t\t   \t  \t\t<div><input type=\"button\" name=\"action\" class=\"watupro-submit-button\" onclick=\"WatuPRO.submitResult(event)\" id=\"action-button\" value=\"View Results\"  \/>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\n\t<input type=\"hidden\" name=\"quiz_id\" value=\"6289\" id=\"watuPROExamID\"\/>\n\t<input type=\"hidden\" name=\"start_time\" id=\"startTime\" value=\"2026-05-20 12:15:01\" \/>\n\t<input type=\"hidden\" name=\"start_timestamp\" id=\"startTimeStamp\" value=\"1779279301\" \/>\n\t<input type=\"hidden\" name=\"question_ids\" value=\"\" \/>\n\t<input type=\"hidden\" name=\"watupro_questions\" value=\"219872:875855,875856,875857,875858 | 219873:875859,875860,875861,875862 | 219874:875863,875864,875865,875866 | 219875:875867,875868,875869,875870 | 219876:875871,875872,875873,875874 | 219877:875875,875876,875877,875878 | 219878:875879,875880,875881,875882 | 219879:875883,875884,875885,875886 | 219880:875887,875888,875889,875890 | 219881:875891,875892,875893,875894 | 219882:875895,875896,875897,875898 | 219883:875899,875900,875901,875902 | 219884:875903,875904,875905,875906 | 219885:875907,875908,875909,875910 | 219886:875911,875912,875913,875914 | 219887:875915,875916,875917,875918 | 219888:875919,875920,875921,875922 | 219889:875923,875924,875925,875926 | 219890:875927,875928,875929,875930 | 219891:875931,875932,875933,875934 | 219892:875935,875936,875937,875938 | 219893:875939,875940,875941,875942 | 219894:875943,875944,875945,875946 | 219895:875947,875948,875949,875950 | 219896:875951,875952,875953,875954 | 219897:875955,875956,875957,875958 | 219898:875959,875960,875961,875962 | 219899:875963,875964,875965,875966 | 219900:875967,875968,875969,875970 | 219901:875971,875972,875973,875974 | 219902:875975,875976,875977,875978 | 219903:875979,875980,875981,875982 | 219904:875983,875984,875985,875986 | 219905:875987,875988,875989,875990 | 219906:875991,875992,875993,875994 | 219907:875995,875996,875997,875998 | 219908:875999,876000,876001,876002 | 219909:876003,876004,876005,876006 | 219910:876007,876008,876009,876010 | 219911:876011,876012,876013,876014 | 219912:876015,876016,876017,876018 | 219913:876019,876020,876021,876022 | 219914:876023,876024,876025,876026 | 219915:876027,876028,876029,876030 | 219916:876031,876032,876033,876034 | 219917:876035,876036,876037,876038 | 219918:876039,876040,876041,876042 | 219919:876043,876044,876045,876046 | 219920:876047,876048,876049,876050 | 219921:876051,876052,876053,876054 | 219922:876055,876056,876057,876058 | 219923:876059,876060,876061,876062 | 219924:876063,876064,876065,876066 | 219925:876067,876068,876069,876070 | 219926:876071,876072,876073,876074 | 219927:876075,876076,876077,876078 | 219928:876079,876080,876081,876082 | 219929:876083,876084,876085,876086 | 219930:876087,876088,876089,876090 | 219931:876091,876092,876093,876094 | 219932:876095,876096,876097,876098 | 219933:876099,876100,876101,876102 | 219934:876103,876104,876105,876106 | 219935:876107,876108,876109,876110 | 219936:876111,876112,876113,876114 | 219937:876115,876116,876117,876118 | 219938:876119,876120,876121,876122 | 219939:876123,876124,876125,876126 | 219940:876127,876128,876129,876130 | 219941:876131,876132,876133,876134 | 219942:876135,876136,876137,876138 | 219943:876139,876140,876141,876142 | 219944:876143,876144,876145,876146 | 219945:876147,876148,876149,876150 | 219946:876151,876152,876153,876154 | 219947:876155,876156,876157,876158 | 219948:876159,876160,876161,876162 | 219949:876163,876164,876165,876166 | 219950:876167,876168,876169,876170 | 219951:876171,876172,876173,876174 | 219952:876175,876176,876177,876178 | 219953:876179,876180,876181,876182 | 219954:876183,876184,876185,876186 | 219955:876187,876188,876189,876190 | 219956:876191,876192,876193,876194 | 219957:876195,876196,876197,876198 | 219958:876199,876200,876201,876202 | 219959:876203,876204,876205,876206 | 219960:876207,876208,876209,876210 | 219961:876211,876212,876213,876214 | 219962:876215,876216,876217,876218 | 219963:876219,876220,876221,876222 | 219964:876223,876224,876225,876226 | 219965:876227,876228,876229,876230 | 219966:876231,876232,876233,876234 | 219967:876235,876236,876237,876238 | 219968:876239,876240,876241,876242 | 219969:876243,876244,876245,876246 | 219970:876247,876248,876249,876250 | 219971:876251,876252,876253,876254\" \/>\n\t<input type=\"hidden\" name=\"no_ajax\" value=\"0\">\t\t\t<\/form>\n\t<p>&nbsp;<\/p>\n<\/div>\n\n<script type=\"text\/javascript\">\n\/\/jQuery(document).ready(function(){\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \t\nvar question_ids = \"219872,219873,219874,219875,219876,219877,219878,219879,219880,219881,219882,219883,219884,219885,219886,219887,219888,219889,219890,219891,219892,219893,219894,219895,219896,219897,219898,219899,219900,219901,219902,219903,219904,219905,219906,219907,219908,219909,219910,219911,219912,219913,219914,219915,219916,219917,219918,219919,219920,219921,219922,219923,219924,219925,219926,219927,219928,219929,219930,219931,219932,219933,219934,219935,219936,219937,219938,219939,219940,219941,219942,219943,219944,219945,219946,219947,219948,219949,219950,219951,219952,219953,219954,219955,219956,219957,219958,219959,219960,219961,219962,219963,219964,219965,219966,219967,219968,219969,219970,219971\";\nWatuPROSettings[6289] = {};\nWatuPRO.qArr = question_ids.split(',');\nWatuPRO.exam_id = 6289;\t    \nWatuPRO.post_id = 39050;\nWatuPRO.store_progress = 0;\nWatuPRO.curCatPage = 1;\nWatuPRO.requiredIDs=\"0\".split(\",\");\nWatuPRO.hAppID = \"0.18113000 1779279301\";\nvar url = \"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/show_exam.php\";\nWatuPRO.examMode = 1;\nWatuPRO.siteURL=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-admin\/admin-ajax.php\";\nWatuPRO.emailIsNotRequired = 0;\nWatuPROIntel.init(6289);\nWatuPRO.inCategoryPages=1;});    \t \n<\/script>\r\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[429,431],"tags":[9404,9406],"class_list":["post-39050","post","type-post","status-publish","format-standard","hentry","category-isaca","category-isaca-certificaton","tag-cism","tag-cism-exam-dumps"],"_links":{"self":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/39050","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/comments?post=39050"}],"version-history":[{"count":1,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/39050\/revisions"}],"predecessor-version":[{"id":39054,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/39050\/revisions\/39054"}],"wp:attachment":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/media?parent=39050"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/categories?post=39050"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/tags?post=39050"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}