{"id":8214,"date":"2020-06-19T03:11:21","date_gmt":"2020-06-19T03:11:21","guid":{"rendered":"https:\/\/www.dumpsbase.com\/freedumps\/?p=8214"},"modified":"2025-09-22T06:41:23","modified_gmt":"2025-09-22T06:41:23","slug":"cism-practice-exam-dumps-can-help-you-prepare-exam-well","status":"publish","type":"post","link":"https:\/\/www.dumpsbase.com\/freedumps\/cism-practice-exam-dumps-can-help-you-prepare-exam-well.html","title":{"rendered":"CISM Practice Exam Dumps Can Help You Prepare Exam Well"},"content":{"rendered":"<p>Why choosing CISM practice exam dumps online? We can be sure that you can get the biggest help to prepare for your Certified Information Security Manager exam well. Certified Information Security Manager (CISM) is issued by ISACA, which indicates expertise in information security governance, program development and management, incident management and risk management.\u00a0 We collect CISM practice exam dumps online for doing your best preparation.<\/p>\n<h2>Here, you can read <span style=\"color: #800000;\">CISM free dumps<\/span> online.<\/h2>\n<script>\n\t  window.fbAsyncInit = function() {\n\t    FB.init({\n\t      appId            : '622169541470367',\n\t      autoLogAppEvents : true,\n\t      xfbml            : true,\n\t      version          : 'v3.1'\n\t    });\n\t  };\n\t\n\t  (function(d, s, id){\n\t     var js, fjs = d.getElementsByTagName(s)[0];\n\t     if (d.getElementById(id)) {return;}\n\t     js = d.createElement(s); js.id = id;\n\t     js.src = \"https:\/\/connect.facebook.net\/en_US\/sdk.js\";\n\t     fjs.parentNode.insertBefore(js, fjs);\n\t   }(document, 'script', 'facebook-jssdk'));\n\t<\/script><script type=\"text\/javascript\" >\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \nif(!window.jQuery) alert(\"The important jQuery library is not properly loaded in your site. Your WordPress theme is probably missing the essential wp_head() call. You can switch to another theme and you will see that the plugin works fine and this notice disappears. If you are still not sure what to do you can contact us for help.\");\n});\n<\/script>  \n  \n<div  id=\"watupro_quiz\" class=\"quiz-area single-page-quiz\">\n<p id=\"submittingExam4377\" style=\"display:none;text-align:center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\"><\/p>\n\n<div class=\"watupro-exam-description\" id=\"description-quiz-4377\"><\/div>\n\n<form action=\"\" method=\"post\" class=\"quiz-form\" id=\"quiz-4377\"  enctype=\"multipart\/form-data\" >\n<div class='watu-question ' id='question-1' style=';'><div id='questionWrap-1'  class='   watupro-question-id-136871'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>1. <\/span>Which of the following should be the FIRST step in developing an information security plan?<\/div><input type='hidden' name='question_id[]' id='qID_1' value='136871' \/><input type='hidden' id='answerType136871' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136871[]' id='answer-id-560561' class='answer   answerof-136871 ' value='560561'   \/><label for='answer-id-560561' id='answer-label-560561' class=' answer'><span>Perform a technical vulnerabilities assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136871[]' id='answer-id-560562' class='answer   answerof-136871 ' value='560562'   \/><label for='answer-id-560562' id='answer-label-560562' class=' answer'><span>Analyze the current business strategy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136871[]' id='answer-id-560563' class='answer   answerof-136871 ' value='560563'   \/><label for='answer-id-560563' id='answer-label-560563' class=' answer'><span>Perform a business impact analysis<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136871[]' id='answer-id-560564' class='answer   answerof-136871 ' value='560564'   \/><label for='answer-id-560564' id='answer-label-560564' class=' answer'><span>Assess the current levels of security awareness<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-2' style=';'><div id='questionWrap-2'  class='   watupro-question-id-136872'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>2. <\/span>Senior management commitment and support for information security can BEST be obtained through presentations that:<\/div><input type='hidden' name='question_id[]' id='qID_2' value='136872' \/><input type='hidden' id='answerType136872' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136872[]' id='answer-id-560565' class='answer   answerof-136872 ' value='560565'   \/><label for='answer-id-560565' id='answer-label-560565' class=' answer'><span>use illustrative examples of successful attacks.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136872[]' id='answer-id-560566' class='answer   answerof-136872 ' value='560566'   \/><label for='answer-id-560566' id='answer-label-560566' class=' answer'><span>explain the technical risks to the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136872[]' id='answer-id-560567' class='answer   answerof-136872 ' value='560567'   \/><label for='answer-id-560567' id='answer-label-560567' class=' answer'><span>evaluate the organization against best security practices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136872[]' id='answer-id-560568' class='answer   answerof-136872 ' value='560568'   \/><label for='answer-id-560568' id='answer-label-560568' class=' answer'><span>tie security risks to key business objectives.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-3' style=';'><div id='questionWrap-3'  class='   watupro-question-id-136873'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>3. <\/span>The MOST appropriate role for senior management in supporting information security is the:<\/div><input type='hidden' name='question_id[]' id='qID_3' value='136873' \/><input type='hidden' id='answerType136873' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136873[]' id='answer-id-560569' class='answer   answerof-136873 ' value='560569'   \/><label for='answer-id-560569' id='answer-label-560569' class=' answer'><span>evaluation of vendors offering security products.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136873[]' id='answer-id-560570' class='answer   answerof-136873 ' value='560570'   \/><label for='answer-id-560570' id='answer-label-560570' class=' answer'><span>assessment of risks to the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136873[]' id='answer-id-560571' class='answer   answerof-136873 ' value='560571'   \/><label for='answer-id-560571' id='answer-label-560571' class=' answer'><span>approval of policy statements and funding.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136873[]' id='answer-id-560572' class='answer   answerof-136873 ' value='560572'   \/><label for='answer-id-560572' id='answer-label-560572' class=' answer'><span>monitoring adherence to regulatory requirements.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-4' style=';'><div id='questionWrap-4'  class='   watupro-question-id-136874'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>4. <\/span>Which of the following would BEST ensure the success of information security governance within an organization?<\/div><input type='hidden' name='question_id[]' id='qID_4' value='136874' \/><input type='hidden' id='answerType136874' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136874[]' id='answer-id-560573' class='answer   answerof-136874 ' value='560573'   \/><label for='answer-id-560573' id='answer-label-560573' class=' answer'><span>Steering committees approve security projects<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136874[]' id='answer-id-560574' class='answer   answerof-136874 ' value='560574'   \/><label for='answer-id-560574' id='answer-label-560574' class=' answer'><span>Security policy training provided to all managers<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136874[]' id='answer-id-560575' class='answer   answerof-136874 ' value='560575'   \/><label for='answer-id-560575' id='answer-label-560575' class=' answer'><span>Security training available to all employees on the intranet<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136874[]' id='answer-id-560576' class='answer   answerof-136874 ' value='560576'   \/><label for='answer-id-560576' id='answer-label-560576' class=' answer'><span>Steering committees enforce compliance with laws and regulations<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-5' style=';'><div id='questionWrap-5'  class='   watupro-question-id-136875'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>5. <\/span>Information security governance is PRIMARILY driven by:<\/div><input type='hidden' name='question_id[]' id='qID_5' value='136875' \/><input type='hidden' id='answerType136875' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136875[]' id='answer-id-560577' class='answer   answerof-136875 ' value='560577'   \/><label for='answer-id-560577' id='answer-label-560577' class=' answer'><span>technology constraints.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136875[]' id='answer-id-560578' class='answer   answerof-136875 ' value='560578'   \/><label for='answer-id-560578' id='answer-label-560578' class=' answer'><span>regulatory requirements.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136875[]' id='answer-id-560579' class='answer   answerof-136875 ' value='560579'   \/><label for='answer-id-560579' id='answer-label-560579' class=' answer'><span>litigation potential.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136875[]' id='answer-id-560580' class='answer   answerof-136875 ' value='560580'   \/><label for='answer-id-560580' id='answer-label-560580' class=' answer'><span>business strategy.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-6' style=';'><div id='questionWrap-6'  class='   watupro-question-id-136876'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>6. <\/span>Which of the following represents the MAJOR focus of privacy regulations?<\/div><input type='hidden' name='question_id[]' id='qID_6' value='136876' \/><input type='hidden' id='answerType136876' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136876[]' id='answer-id-560581' class='answer   answerof-136876 ' value='560581'   \/><label for='answer-id-560581' id='answer-label-560581' class=' answer'><span>Unrestricted data mining<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136876[]' id='answer-id-560582' class='answer   answerof-136876 ' value='560582'   \/><label for='answer-id-560582' id='answer-label-560582' class=' answer'><span>Identity theft<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136876[]' id='answer-id-560583' class='answer   answerof-136876 ' value='560583'   \/><label for='answer-id-560583' id='answer-label-560583' class=' answer'><span>Human rights protection<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136876[]' id='answer-id-560584' class='answer   answerof-136876 ' value='560584'   \/><label for='answer-id-560584' id='answer-label-560584' class=' answer'><span>Identifiable personal data<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-7' style=';'><div id='questionWrap-7'  class='   watupro-question-id-136877'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>7. <\/span>Investments in information security technologies should be based on:<\/div><input type='hidden' name='question_id[]' id='qID_7' value='136877' \/><input type='hidden' id='answerType136877' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136877[]' id='answer-id-560585' class='answer   answerof-136877 ' value='560585'   \/><label for='answer-id-560585' id='answer-label-560585' class=' answer'><span>vulnerability assessments.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136877[]' id='answer-id-560586' class='answer   answerof-136877 ' value='560586'   \/><label for='answer-id-560586' id='answer-label-560586' class=' answer'><span>value analysis.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136877[]' id='answer-id-560587' class='answer   answerof-136877 ' value='560587'   \/><label for='answer-id-560587' id='answer-label-560587' class=' answer'><span>business climate.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136877[]' id='answer-id-560588' class='answer   answerof-136877 ' value='560588'   \/><label for='answer-id-560588' id='answer-label-560588' class=' answer'><span>audit recommendations.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-8' style=';'><div id='questionWrap-8'  class='   watupro-question-id-136878'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>8. <\/span>Retention of business records should PRIMARILY be based on:<\/div><input type='hidden' name='question_id[]' id='qID_8' value='136878' \/><input type='hidden' id='answerType136878' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136878[]' id='answer-id-560589' class='answer   answerof-136878 ' value='560589'   \/><label for='answer-id-560589' id='answer-label-560589' class=' answer'><span>business strategy and direction.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136878[]' id='answer-id-560590' class='answer   answerof-136878 ' value='560590'   \/><label for='answer-id-560590' id='answer-label-560590' class=' answer'><span>regulatory and legal requirements.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136878[]' id='answer-id-560591' class='answer   answerof-136878 ' value='560591'   \/><label for='answer-id-560591' id='answer-label-560591' class=' answer'><span>storage capacity and longevity.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136878[]' id='answer-id-560592' class='answer   answerof-136878 ' value='560592'   \/><label for='answer-id-560592' id='answer-label-560592' class=' answer'><span>business ease and value analysis.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-9' style=';'><div id='questionWrap-9'  class='   watupro-question-id-136879'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>9. <\/span>Which of the following is characteristic of centralized information security management?<\/div><input type='hidden' name='question_id[]' id='qID_9' value='136879' \/><input type='hidden' id='answerType136879' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136879[]' id='answer-id-560593' class='answer   answerof-136879 ' value='560593'   \/><label for='answer-id-560593' id='answer-label-560593' class=' answer'><span>More expensive to administer<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136879[]' id='answer-id-560594' class='answer   answerof-136879 ' value='560594'   \/><label for='answer-id-560594' id='answer-label-560594' class=' answer'><span>Better adherence to policies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136879[]' id='answer-id-560595' class='answer   answerof-136879 ' value='560595'   \/><label for='answer-id-560595' id='answer-label-560595' class=' answer'><span>More aligned with business unit needs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136879[]' id='answer-id-560596' class='answer   answerof-136879 ' value='560596'   \/><label for='answer-id-560596' id='answer-label-560596' class=' answer'><span>Faster turnaround of requests<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-10' style=';'><div id='questionWrap-10'  class='   watupro-question-id-136880'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>10. <\/span>Successful implementation of information security governance will FIRST require:<\/div><input type='hidden' name='question_id[]' id='qID_10' value='136880' \/><input type='hidden' id='answerType136880' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136880[]' id='answer-id-560597' class='answer   answerof-136880 ' value='560597'   \/><label for='answer-id-560597' id='answer-label-560597' class=' answer'><span>security awareness training.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136880[]' id='answer-id-560598' class='answer   answerof-136880 ' value='560598'   \/><label for='answer-id-560598' id='answer-label-560598' class=' answer'><span>updated security policies.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136880[]' id='answer-id-560599' class='answer   answerof-136880 ' value='560599'   \/><label for='answer-id-560599' id='answer-label-560599' class=' answer'><span>a computer incident management team.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136880[]' id='answer-id-560600' class='answer   answerof-136880 ' value='560600'   \/><label for='answer-id-560600' id='answer-label-560600' class=' answer'><span>a security architecture.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-11' style=';'><div id='questionWrap-11'  class='   watupro-question-id-136881'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>11. <\/span>Which of the following individuals would be in the BEST position to sponsor the creation of an information security steering group?<\/div><input type='hidden' name='question_id[]' id='qID_11' value='136881' \/><input type='hidden' id='answerType136881' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136881[]' id='answer-id-560601' class='answer   answerof-136881 ' value='560601'   \/><label for='answer-id-560601' id='answer-label-560601' class=' answer'><span>Information security manager<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136881[]' id='answer-id-560602' class='answer   answerof-136881 ' value='560602'   \/><label for='answer-id-560602' id='answer-label-560602' class=' answer'><span>Chief operating officer (COO)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136881[]' id='answer-id-560603' class='answer   answerof-136881 ' value='560603'   \/><label for='answer-id-560603' id='answer-label-560603' class=' answer'><span>Internal auditor<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136881[]' id='answer-id-560604' class='answer   answerof-136881 ' value='560604'   \/><label for='answer-id-560604' id='answer-label-560604' class=' answer'><span>Legal counsel<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-12' style=';'><div id='questionWrap-12'  class='   watupro-question-id-136882'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>12. <\/span>The MOST important component of a privacy policy is:<\/div><input type='hidden' name='question_id[]' id='qID_12' value='136882' \/><input type='hidden' id='answerType136882' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136882[]' id='answer-id-560605' class='answer   answerof-136882 ' value='560605'   \/><label for='answer-id-560605' id='answer-label-560605' class=' answer'><span>notifications.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136882[]' id='answer-id-560606' class='answer   answerof-136882 ' value='560606'   \/><label for='answer-id-560606' id='answer-label-560606' class=' answer'><span>warranties.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136882[]' id='answer-id-560607' class='answer   answerof-136882 ' value='560607'   \/><label for='answer-id-560607' id='answer-label-560607' class=' answer'><span>liabilities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136882[]' id='answer-id-560608' class='answer   answerof-136882 ' value='560608'   \/><label for='answer-id-560608' id='answer-label-560608' class=' answer'><span>geographic coverage.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-13' style=';'><div id='questionWrap-13'  class='   watupro-question-id-136883'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>13. <\/span>The cost of implementing a security control should not exceed the:<\/div><input type='hidden' name='question_id[]' id='qID_13' value='136883' \/><input type='hidden' id='answerType136883' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136883[]' id='answer-id-560609' class='answer   answerof-136883 ' value='560609'   \/><label for='answer-id-560609' id='answer-label-560609' class=' answer'><span>annualized loss expectancy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136883[]' id='answer-id-560610' class='answer   answerof-136883 ' value='560610'   \/><label for='answer-id-560610' id='answer-label-560610' class=' answer'><span>cost of an incident.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136883[]' id='answer-id-560611' class='answer   answerof-136883 ' value='560611'   \/><label for='answer-id-560611' id='answer-label-560611' class=' answer'><span>asset value.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136883[]' id='answer-id-560612' class='answer   answerof-136883 ' value='560612'   \/><label for='answer-id-560612' id='answer-label-560612' class=' answer'><span>implementation opportunity costs.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-14' style=';'><div id='questionWrap-14'  class='   watupro-question-id-136884'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>14. <\/span>When a security standard conflicts with a business objective, the situation should be resolved by:<\/div><input type='hidden' name='question_id[]' id='qID_14' value='136884' \/><input type='hidden' id='answerType136884' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136884[]' id='answer-id-560613' class='answer   answerof-136884 ' value='560613'   \/><label for='answer-id-560613' id='answer-label-560613' class=' answer'><span>changing the security standard.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136884[]' id='answer-id-560614' class='answer   answerof-136884 ' value='560614'   \/><label for='answer-id-560614' id='answer-label-560614' class=' answer'><span>changing the business objective.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136884[]' id='answer-id-560615' class='answer   answerof-136884 ' value='560615'   \/><label for='answer-id-560615' id='answer-label-560615' class=' answer'><span>performing a risk analysis.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136884[]' id='answer-id-560616' class='answer   answerof-136884 ' value='560616'   \/><label for='answer-id-560616' id='answer-label-560616' class=' answer'><span>authorizing a risk acceptance.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-15' style=';'><div id='questionWrap-15'  class='   watupro-question-id-136885'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>15. <\/span>Minimum standards for securing the technical infrastructure should be defined in a security:<\/div><input type='hidden' name='question_id[]' id='qID_15' value='136885' \/><input type='hidden' id='answerType136885' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136885[]' id='answer-id-560617' class='answer   answerof-136885 ' value='560617'   \/><label for='answer-id-560617' id='answer-label-560617' class=' answer'><span>strategy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136885[]' id='answer-id-560618' class='answer   answerof-136885 ' value='560618'   \/><label for='answer-id-560618' id='answer-label-560618' class=' answer'><span>guidelines.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136885[]' id='answer-id-560619' class='answer   answerof-136885 ' value='560619'   \/><label for='answer-id-560619' id='answer-label-560619' class=' answer'><span>model.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136885[]' id='answer-id-560620' class='answer   answerof-136885 ' value='560620'   \/><label for='answer-id-560620' id='answer-label-560620' class=' answer'><span>architecture.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-16' style=';'><div id='questionWrap-16'  class='   watupro-question-id-136886'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>16. <\/span>Which of the following is MOST appropriate for inclusion in an information security strategy?<\/div><input type='hidden' name='question_id[]' id='qID_16' value='136886' \/><input type='hidden' id='answerType136886' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136886[]' id='answer-id-560621' class='answer   answerof-136886 ' value='560621'   \/><label for='answer-id-560621' id='answer-label-560621' class=' answer'><span>Business controls designated as key controls<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136886[]' id='answer-id-560622' class='answer   answerof-136886 ' value='560622'   \/><label for='answer-id-560622' id='answer-label-560622' class=' answer'><span>Security processes, methods, tools and techniques<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136886[]' id='answer-id-560623' class='answer   answerof-136886 ' value='560623'   \/><label for='answer-id-560623' id='answer-label-560623' class=' answer'><span>Firewall rule sets, network defaults and intrusion detection system (IDS) settings<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136886[]' id='answer-id-560624' class='answer   answerof-136886 ' value='560624'   \/><label for='answer-id-560624' id='answer-label-560624' class=' answer'><span>Budget estimates to acquire specific security tools<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-17' style=';'><div id='questionWrap-17'  class='   watupro-question-id-136887'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>17. <\/span>Senior management commitment and support for information security will BEST be attained by an information security manager by emphasizing:<\/div><input type='hidden' name='question_id[]' id='qID_17' value='136887' \/><input type='hidden' id='answerType136887' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136887[]' id='answer-id-560625' class='answer   answerof-136887 ' value='560625'   \/><label for='answer-id-560625' id='answer-label-560625' class=' answer'><span>organizational risk.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136887[]' id='answer-id-560626' class='answer   answerof-136887 ' value='560626'   \/><label for='answer-id-560626' id='answer-label-560626' class=' answer'><span>organization wide metrics.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136887[]' id='answer-id-560627' class='answer   answerof-136887 ' value='560627'   \/><label for='answer-id-560627' id='answer-label-560627' class=' answer'><span>security needs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136887[]' id='answer-id-560628' class='answer   answerof-136887 ' value='560628'   \/><label for='answer-id-560628' id='answer-label-560628' class=' answer'><span>the responsibilities of organizational units.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-18' style=';'><div id='questionWrap-18'  class='   watupro-question-id-136888'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>18. <\/span>Which of the following roles would represent a conflict of interest for an information security manager?<\/div><input type='hidden' name='question_id[]' id='qID_18' value='136888' \/><input type='hidden' id='answerType136888' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136888[]' id='answer-id-560629' class='answer   answerof-136888 ' value='560629'   \/><label for='answer-id-560629' id='answer-label-560629' class=' answer'><span>Evaluation of third parties requesting connectivity<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136888[]' id='answer-id-560630' class='answer   answerof-136888 ' value='560630'   \/><label for='answer-id-560630' id='answer-label-560630' class=' answer'><span>Assessment of the adequacy of disaster recovery plans<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136888[]' id='answer-id-560631' class='answer   answerof-136888 ' value='560631'   \/><label for='answer-id-560631' id='answer-label-560631' class=' answer'><span>Final approval of information security policies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136888[]' id='answer-id-560632' class='answer   answerof-136888 ' value='560632'   \/><label for='answer-id-560632' id='answer-label-560632' class=' answer'><span>Monitoring adherence to physical security controls<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-19' style=';'><div id='questionWrap-19'  class='   watupro-question-id-136889'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>19. <\/span>Which of the following situations must be corrected FIRST to ensure successful information security governance within an organization?<\/div><input type='hidden' name='question_id[]' id='qID_19' value='136889' \/><input type='hidden' id='answerType136889' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136889[]' id='answer-id-560633' class='answer   answerof-136889 ' value='560633'   \/><label for='answer-id-560633' id='answer-label-560633' class=' answer'><span>The information security department has difficulty filling vacancies.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136889[]' id='answer-id-560634' class='answer   answerof-136889 ' value='560634'   \/><label for='answer-id-560634' id='answer-label-560634' class=' answer'><span>The chief information officer (CIO) approves security policy changes.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136889[]' id='answer-id-560635' class='answer   answerof-136889 ' value='560635'   \/><label for='answer-id-560635' id='answer-label-560635' class=' answer'><span>The information security oversight committee only meets quarterly.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136889[]' id='answer-id-560636' class='answer   answerof-136889 ' value='560636'   \/><label for='answer-id-560636' id='answer-label-560636' class=' answer'><span>The data center manager has final signoff on all security projects.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-20' style=';'><div id='questionWrap-20'  class='   watupro-question-id-136890'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>20. <\/span>Which of the following requirements would have the lowest level of priority in information security?<\/div><input type='hidden' name='question_id[]' id='qID_20' value='136890' \/><input type='hidden' id='answerType136890' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136890[]' id='answer-id-560637' class='answer   answerof-136890 ' value='560637'   \/><label for='answer-id-560637' id='answer-label-560637' class=' answer'><span>Technical<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136890[]' id='answer-id-560638' class='answer   answerof-136890 ' value='560638'   \/><label for='answer-id-560638' id='answer-label-560638' class=' answer'><span>Regulatory<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136890[]' id='answer-id-560639' class='answer   answerof-136890 ' value='560639'   \/><label for='answer-id-560639' id='answer-label-560639' class=' answer'><span>Privacy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136890[]' id='answer-id-560640' class='answer   answerof-136890 ' value='560640'   \/><label for='answer-id-560640' id='answer-label-560640' class=' answer'><span>Business<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-21' style=';'><div id='questionWrap-21'  class='   watupro-question-id-136891'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>21. <\/span>When an organization hires a new information security manager, which of the following goals should this individual pursue FIRST?<\/div><input type='hidden' name='question_id[]' id='qID_21' value='136891' \/><input type='hidden' id='answerType136891' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136891[]' id='answer-id-560641' class='answer   answerof-136891 ' value='560641'   \/><label for='answer-id-560641' id='answer-label-560641' class=' answer'><span>Develop a security architecture<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136891[]' id='answer-id-560642' class='answer   answerof-136891 ' value='560642'   \/><label for='answer-id-560642' id='answer-label-560642' class=' answer'><span>Establish good communication with steering committee members<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136891[]' id='answer-id-560643' class='answer   answerof-136891 ' value='560643'   \/><label for='answer-id-560643' id='answer-label-560643' class=' answer'><span>Assemble an experienced staff<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136891[]' id='answer-id-560644' class='answer   answerof-136891 ' value='560644'   \/><label for='answer-id-560644' id='answer-label-560644' class=' answer'><span>Benchmark peer organizations<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-22' style=';'><div id='questionWrap-22'  class='   watupro-question-id-136892'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>22. <\/span>It is MOST important that information security architecture be aligned with which of the following?<\/div><input type='hidden' name='question_id[]' id='qID_22' value='136892' \/><input type='hidden' id='answerType136892' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136892[]' id='answer-id-560645' class='answer   answerof-136892 ' value='560645'   \/><label for='answer-id-560645' id='answer-label-560645' class=' answer'><span>Industry best practices<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136892[]' id='answer-id-560646' class='answer   answerof-136892 ' value='560646'   \/><label for='answer-id-560646' id='answer-label-560646' class=' answer'><span>Information technology plans<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136892[]' id='answer-id-560647' class='answer   answerof-136892 ' value='560647'   \/><label for='answer-id-560647' id='answer-label-560647' class=' answer'><span>Information security best practices<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136892[]' id='answer-id-560648' class='answer   answerof-136892 ' value='560648'   \/><label for='answer-id-560648' id='answer-label-560648' class=' answer'><span>Business objectives and goals<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-23' style=';'><div id='questionWrap-23'  class='   watupro-question-id-136893'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>23. <\/span>Which of the following is MOST likely to be discretionary?<\/div><input type='hidden' name='question_id[]' id='qID_23' value='136893' \/><input type='hidden' id='answerType136893' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136893[]' id='answer-id-560649' class='answer   answerof-136893 ' value='560649'   \/><label for='answer-id-560649' id='answer-label-560649' class=' answer'><span>Policies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136893[]' id='answer-id-560650' class='answer   answerof-136893 ' value='560650'   \/><label for='answer-id-560650' id='answer-label-560650' class=' answer'><span>Procedures<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136893[]' id='answer-id-560651' class='answer   answerof-136893 ' value='560651'   \/><label for='answer-id-560651' id='answer-label-560651' class=' answer'><span>Guidelines<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136893[]' id='answer-id-560652' class='answer   answerof-136893 ' value='560652'   \/><label for='answer-id-560652' id='answer-label-560652' class=' answer'><span>Standards<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-24' style=';'><div id='questionWrap-24'  class='   watupro-question-id-136894'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>24. <\/span>Security technologies should be selected PRIMARILY on the basis of their:<\/div><input type='hidden' name='question_id[]' id='qID_24' value='136894' \/><input type='hidden' id='answerType136894' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136894[]' id='answer-id-560653' class='answer   answerof-136894 ' value='560653'   \/><label for='answer-id-560653' id='answer-label-560653' class=' answer'><span>ability to mitigate business risks.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136894[]' id='answer-id-560654' class='answer   answerof-136894 ' value='560654'   \/><label for='answer-id-560654' id='answer-label-560654' class=' answer'><span>evaluations in trade publications.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136894[]' id='answer-id-560655' class='answer   answerof-136894 ' value='560655'   \/><label for='answer-id-560655' id='answer-label-560655' class=' answer'><span>use of new and emerging technologies.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136894[]' id='answer-id-560656' class='answer   answerof-136894 ' value='560656'   \/><label for='answer-id-560656' id='answer-label-560656' class=' answer'><span>benefits in comparison to their costs.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-25' style=';'><div id='questionWrap-25'  class='   watupro-question-id-136895'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>25. <\/span>Which of the following are seldom changed in response to technological changes?<\/div><input type='hidden' name='question_id[]' id='qID_25' value='136895' \/><input type='hidden' id='answerType136895' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136895[]' id='answer-id-560657' class='answer   answerof-136895 ' value='560657'   \/><label for='answer-id-560657' id='answer-label-560657' class=' answer'><span>Standards<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136895[]' id='answer-id-560658' class='answer   answerof-136895 ' value='560658'   \/><label for='answer-id-560658' id='answer-label-560658' class=' answer'><span>Procedures<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136895[]' id='answer-id-560659' class='answer   answerof-136895 ' value='560659'   \/><label for='answer-id-560659' id='answer-label-560659' class=' answer'><span>Policies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136895[]' id='answer-id-560660' class='answer   answerof-136895 ' value='560660'   \/><label for='answer-id-560660' id='answer-label-560660' class=' answer'><span>Guidelines<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-26' style=';'><div id='questionWrap-26'  class='   watupro-question-id-136896'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>26. <\/span>The MOST important factor in planning for the long-term retention of electronically stored business records is to take into account potential changes in:<\/div><input type='hidden' name='question_id[]' id='qID_26' value='136896' \/><input type='hidden' id='answerType136896' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136896[]' id='answer-id-560661' class='answer   answerof-136896 ' value='560661'   \/><label for='answer-id-560661' id='answer-label-560661' class=' answer'><span>storage capacity and shelf life.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136896[]' id='answer-id-560662' class='answer   answerof-136896 ' value='560662'   \/><label for='answer-id-560662' id='answer-label-560662' class=' answer'><span>regulatory and legal requirements.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136896[]' id='answer-id-560663' class='answer   answerof-136896 ' value='560663'   \/><label for='answer-id-560663' id='answer-label-560663' class=' answer'><span>business strategy and direction.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136896[]' id='answer-id-560664' class='answer   answerof-136896 ' value='560664'   \/><label for='answer-id-560664' id='answer-label-560664' class=' answer'><span>application systems and media.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-27' style=';'><div id='questionWrap-27'  class='   watupro-question-id-136897'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>27. <\/span>Which of the following is characteristic of decentralized information security management across a geographically dispersed organization?<\/div><input type='hidden' name='question_id[]' id='qID_27' value='136897' \/><input type='hidden' id='answerType136897' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136897[]' id='answer-id-560665' class='answer   answerof-136897 ' value='560665'   \/><label for='answer-id-560665' id='answer-label-560665' class=' answer'><span>More uniformity in quality of service<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136897[]' id='answer-id-560666' class='answer   answerof-136897 ' value='560666'   \/><label for='answer-id-560666' id='answer-label-560666' class=' answer'><span>Better adherence to policies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136897[]' id='answer-id-560667' class='answer   answerof-136897 ' value='560667'   \/><label for='answer-id-560667' id='answer-label-560667' class=' answer'><span>Better alignment to business unit needs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136897[]' id='answer-id-560668' class='answer   answerof-136897 ' value='560668'   \/><label for='answer-id-560668' id='answer-label-560668' class=' answer'><span>More savings in total operating costs<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-28' style=';'><div id='questionWrap-28'  class='   watupro-question-id-136898'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>28. <\/span>Which of the following is the MOST appropriate position to sponsor the design and implementation of a new security infrastructure in a large global enterprise?<\/div><input type='hidden' name='question_id[]' id='qID_28' value='136898' \/><input type='hidden' id='answerType136898' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136898[]' id='answer-id-560669' class='answer   answerof-136898 ' value='560669'   \/><label for='answer-id-560669' id='answer-label-560669' class=' answer'><span>Chief security officer (CSO)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136898[]' id='answer-id-560670' class='answer   answerof-136898 ' value='560670'   \/><label for='answer-id-560670' id='answer-label-560670' class=' answer'><span>Chief operating officer (COO)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136898[]' id='answer-id-560671' class='answer   answerof-136898 ' value='560671'   \/><label for='answer-id-560671' id='answer-label-560671' class=' answer'><span>Chief privacy officer (CPO)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136898[]' id='answer-id-560672' class='answer   answerof-136898 ' value='560672'   \/><label for='answer-id-560672' id='answer-label-560672' class=' answer'><span>Chief legal counsel (CLC)<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-29' style=';'><div id='questionWrap-29'  class='   watupro-question-id-136899'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>29. <\/span>Which of the following would be the MOST important goal of an information security governance program?<\/div><input type='hidden' name='question_id[]' id='qID_29' value='136899' \/><input type='hidden' id='answerType136899' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136899[]' id='answer-id-560673' class='answer   answerof-136899 ' value='560673'   \/><label for='answer-id-560673' id='answer-label-560673' class=' answer'><span>Review of internal control mechanisms<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136899[]' id='answer-id-560674' class='answer   answerof-136899 ' value='560674'   \/><label for='answer-id-560674' id='answer-label-560674' class=' answer'><span>Effective involvement in business decision making<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136899[]' id='answer-id-560675' class='answer   answerof-136899 ' value='560675'   \/><label for='answer-id-560675' id='answer-label-560675' class=' answer'><span>Total elimination of risk factors<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136899[]' id='answer-id-560676' class='answer   answerof-136899 ' value='560676'   \/><label for='answer-id-560676' id='answer-label-560676' class=' answer'><span>Ensuring trust in data<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-30' style=';'><div id='questionWrap-30'  class='   watupro-question-id-136900'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>30. <\/span>Relationships among security technologies are BEST defined through which of the following?<\/div><input type='hidden' name='question_id[]' id='qID_30' value='136900' \/><input type='hidden' id='answerType136900' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136900[]' id='answer-id-560677' class='answer   answerof-136900 ' value='560677'   \/><label for='answer-id-560677' id='answer-label-560677' class=' answer'><span>Security metrics<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136900[]' id='answer-id-560678' class='answer   answerof-136900 ' value='560678'   \/><label for='answer-id-560678' id='answer-label-560678' class=' answer'><span>Network topology<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136900[]' id='answer-id-560679' class='answer   answerof-136900 ' value='560679'   \/><label for='answer-id-560679' id='answer-label-560679' class=' answer'><span>Security architecture<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136900[]' id='answer-id-560680' class='answer   answerof-136900 ' value='560680'   \/><label for='answer-id-560680' id='answer-label-560680' class=' answer'><span>Process improvement models<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-31' style=';'><div id='questionWrap-31'  class='   watupro-question-id-136901'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>31. <\/span>A business unit intends to deploy a new technology in a manner that places it in violation of existing information security standards. <br \/>\r<br>What immediate action should an information security manager take?<\/div><input type='hidden' name='question_id[]' id='qID_31' value='136901' \/><input type='hidden' id='answerType136901' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136901[]' id='answer-id-560681' class='answer   answerof-136901 ' value='560681'   \/><label for='answer-id-560681' id='answer-label-560681' class=' answer'><span>Enforce the existing security standard<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136901[]' id='answer-id-560682' class='answer   answerof-136901 ' value='560682'   \/><label for='answer-id-560682' id='answer-label-560682' class=' answer'><span>Change the standard to permit the deployment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136901[]' id='answer-id-560683' class='answer   answerof-136901 ' value='560683'   \/><label for='answer-id-560683' id='answer-label-560683' class=' answer'><span>Perform a risk analysis to quantify the risk<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136901[]' id='answer-id-560684' class='answer   answerof-136901 ' value='560684'   \/><label for='answer-id-560684' id='answer-label-560684' class=' answer'><span>Perform research to propose use of a better technology<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-32' style=';'><div id='questionWrap-32'  class='   watupro-question-id-136902'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>32. <\/span>Acceptable levels of information security risk should be determined by:<\/div><input type='hidden' name='question_id[]' id='qID_32' value='136902' \/><input type='hidden' id='answerType136902' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136902[]' id='answer-id-560685' class='answer   answerof-136902 ' value='560685'   \/><label for='answer-id-560685' id='answer-label-560685' class=' answer'><span>legal counsel.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136902[]' id='answer-id-560686' class='answer   answerof-136902 ' value='560686'   \/><label for='answer-id-560686' id='answer-label-560686' class=' answer'><span>security management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136902[]' id='answer-id-560687' class='answer   answerof-136902 ' value='560687'   \/><label for='answer-id-560687' id='answer-label-560687' class=' answer'><span>external auditors.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136902[]' id='answer-id-560688' class='answer   answerof-136902 ' value='560688'   \/><label for='answer-id-560688' id='answer-label-560688' class=' answer'><span>die steering committee.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-33' style=';'><div id='questionWrap-33'  class='   watupro-question-id-136903'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>33. <\/span>The PRIMARY goal in developing an information security strategy is to:<\/div><input type='hidden' name='question_id[]' id='qID_33' value='136903' \/><input type='hidden' id='answerType136903' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136903[]' id='answer-id-560689' class='answer   answerof-136903 ' value='560689'   \/><label for='answer-id-560689' id='answer-label-560689' class=' answer'><span>establish security metrics and performance monitoring.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136903[]' id='answer-id-560690' class='answer   answerof-136903 ' value='560690'   \/><label for='answer-id-560690' id='answer-label-560690' class=' answer'><span>educate business process owners regarding their duties.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136903[]' id='answer-id-560691' class='answer   answerof-136903 ' value='560691'   \/><label for='answer-id-560691' id='answer-label-560691' class=' answer'><span>ensure that legal and regulatory requirements are met<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136903[]' id='answer-id-560692' class='answer   answerof-136903 ' value='560692'   \/><label for='answer-id-560692' id='answer-label-560692' class=' answer'><span>support the business objectives of the organization.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-34' style=';'><div id='questionWrap-34'  class='   watupro-question-id-136904'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>34. <\/span>Senior management commitment and support for information security can BEST be enhanced through:<\/div><input type='hidden' name='question_id[]' id='qID_34' value='136904' \/><input type='hidden' id='answerType136904' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136904[]' id='answer-id-560693' class='answer   answerof-136904 ' value='560693'   \/><label for='answer-id-560693' id='answer-label-560693' class=' answer'><span>a formal security policy sponsored by the chief executive officer (CEO).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136904[]' id='answer-id-560694' class='answer   answerof-136904 ' value='560694'   \/><label for='answer-id-560694' id='answer-label-560694' class=' answer'><span>regular security awareness training for employees.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136904[]' id='answer-id-560695' class='answer   answerof-136904 ' value='560695'   \/><label for='answer-id-560695' id='answer-label-560695' class=' answer'><span>periodic review of alignment with business management goals.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136904[]' id='answer-id-560696' class='answer   answerof-136904 ' value='560696'   \/><label for='answer-id-560696' id='answer-label-560696' class=' answer'><span>senior management signoff on the information security strategy.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-35' style=';'><div id='questionWrap-35'  class='   watupro-question-id-136905'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>35. <\/span>When identifying legal and regulatory issues affecting information security, which of the following would represent the BEST approach to developing information security policies?<\/div><input type='hidden' name='question_id[]' id='qID_35' value='136905' \/><input type='hidden' id='answerType136905' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136905[]' id='answer-id-560697' class='answer   answerof-136905 ' value='560697'   \/><label for='answer-id-560697' id='answer-label-560697' class=' answer'><span>Create separate policies to address each regulation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136905[]' id='answer-id-560698' class='answer   answerof-136905 ' value='560698'   \/><label for='answer-id-560698' id='answer-label-560698' class=' answer'><span>Develop policies that meet all mandated requirements<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136905[]' id='answer-id-560699' class='answer   answerof-136905 ' value='560699'   \/><label for='answer-id-560699' id='answer-label-560699' class=' answer'><span>Incorporate policy statements provided by regulators<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136905[]' id='answer-id-560700' class='answer   answerof-136905 ' value='560700'   \/><label for='answer-id-560700' id='answer-label-560700' class=' answer'><span>Develop a compliance risk assessment<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-36' style=';'><div id='questionWrap-36'  class='   watupro-question-id-136906'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>36. <\/span>Which of the following MOST commonly falls within the scope of an information security governance steering committee?<\/div><input type='hidden' name='question_id[]' id='qID_36' value='136906' \/><input type='hidden' id='answerType136906' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136906[]' id='answer-id-560701' class='answer   answerof-136906 ' value='560701'   \/><label for='answer-id-560701' id='answer-label-560701' class=' answer'><span>Interviewing candidates for information security specialist positions<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136906[]' id='answer-id-560702' class='answer   answerof-136906 ' value='560702'   \/><label for='answer-id-560702' id='answer-label-560702' class=' answer'><span>Developing content for security awareness programs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136906[]' id='answer-id-560703' class='answer   answerof-136906 ' value='560703'   \/><label for='answer-id-560703' id='answer-label-560703' class=' answer'><span>Prioritizing information security initiatives<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136906[]' id='answer-id-560704' class='answer   answerof-136906 ' value='560704'   \/><label for='answer-id-560704' id='answer-label-560704' class=' answer'><span>Approving access to critical financial systems<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-37' style=';'><div id='questionWrap-37'  class='   watupro-question-id-136907'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>37. <\/span>Which of the following is the MOST important factor when designing information security architecture?<\/div><input type='hidden' name='question_id[]' id='qID_37' value='136907' \/><input type='hidden' id='answerType136907' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136907[]' id='answer-id-560705' class='answer   answerof-136907 ' value='560705'   \/><label for='answer-id-560705' id='answer-label-560705' class=' answer'><span>Technical platform interfaces<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136907[]' id='answer-id-560706' class='answer   answerof-136907 ' value='560706'   \/><label for='answer-id-560706' id='answer-label-560706' class=' answer'><span>Scalability of the network<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136907[]' id='answer-id-560707' class='answer   answerof-136907 ' value='560707'   \/><label for='answer-id-560707' id='answer-label-560707' class=' answer'><span>Development methodologies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136907[]' id='answer-id-560708' class='answer   answerof-136907 ' value='560708'   \/><label for='answer-id-560708' id='answer-label-560708' class=' answer'><span>Stakeholder requirements<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-38' style=';'><div id='questionWrap-38'  class='   watupro-question-id-136908'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>38. <\/span>Which of the following characteristics is MOST important when looking at prospective candidates for the role of chief information security officer (CISO)?<\/div><input type='hidden' name='question_id[]' id='qID_38' value='136908' \/><input type='hidden' id='answerType136908' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136908[]' id='answer-id-560709' class='answer   answerof-136908 ' value='560709'   \/><label for='answer-id-560709' id='answer-label-560709' class=' answer'><span>Knowledge of information technology platforms, networks and development methodologies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136908[]' id='answer-id-560710' class='answer   answerof-136908 ' value='560710'   \/><label for='answer-id-560710' id='answer-label-560710' class=' answer'><span>Ability to understand and map organizational needs to security technologies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136908[]' id='answer-id-560711' class='answer   answerof-136908 ' value='560711'   \/><label for='answer-id-560711' id='answer-label-560711' class=' answer'><span>Knowledge of the regulatory environment and project management techniques<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136908[]' id='answer-id-560712' class='answer   answerof-136908 ' value='560712'   \/><label for='answer-id-560712' id='answer-label-560712' class=' answer'><span>Ability to manage a diverse group of individuals and resources across an organization<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-39' style=';'><div id='questionWrap-39'  class='   watupro-question-id-136909'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>39. <\/span>Which of the following are likely to be updated MOST frequently?<\/div><input type='hidden' name='question_id[]' id='qID_39' value='136909' \/><input type='hidden' id='answerType136909' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136909[]' id='answer-id-560713' class='answer   answerof-136909 ' value='560713'   \/><label for='answer-id-560713' id='answer-label-560713' class=' answer'><span>Procedures for hardening database servers<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136909[]' id='answer-id-560714' class='answer   answerof-136909 ' value='560714'   \/><label for='answer-id-560714' id='answer-label-560714' class=' answer'><span>Standards for password length and complexity<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136909[]' id='answer-id-560715' class='answer   answerof-136909 ' value='560715'   \/><label for='answer-id-560715' id='answer-label-560715' class=' answer'><span>Policies addressing information security governance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136909[]' id='answer-id-560716' class='answer   answerof-136909 ' value='560716'   \/><label for='answer-id-560716' id='answer-label-560716' class=' answer'><span>Standards for document retention and destruction<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-40' style=';'><div id='questionWrap-40'  class='   watupro-question-id-136910'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>40. <\/span>Who should be responsible for enforcing access rights to application data?<\/div><input type='hidden' name='question_id[]' id='qID_40' value='136910' \/><input type='hidden' id='answerType136910' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136910[]' id='answer-id-560717' class='answer   answerof-136910 ' value='560717'   \/><label for='answer-id-560717' id='answer-label-560717' class=' answer'><span>Data owners<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136910[]' id='answer-id-560718' class='answer   answerof-136910 ' value='560718'   \/><label for='answer-id-560718' id='answer-label-560718' class=' answer'><span>Business process owners<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136910[]' id='answer-id-560719' class='answer   answerof-136910 ' value='560719'   \/><label for='answer-id-560719' id='answer-label-560719' class=' answer'><span>The security steering committee<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136910[]' id='answer-id-560720' class='answer   answerof-136910 ' value='560720'   \/><label for='answer-id-560720' id='answer-label-560720' class=' answer'><span>Security administrators<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-41' style=';'><div id='questionWrap-41'  class='   watupro-question-id-136911'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>41. <\/span>The chief information security officer (CISO) should ideally have a direct reporting relationship to the:<\/div><input type='hidden' name='question_id[]' id='qID_41' value='136911' \/><input type='hidden' id='answerType136911' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136911[]' id='answer-id-560721' class='answer   answerof-136911 ' value='560721'   \/><label for='answer-id-560721' id='answer-label-560721' class=' answer'><span>head of internal audit.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136911[]' id='answer-id-560722' class='answer   answerof-136911 ' value='560722'   \/><label for='answer-id-560722' id='answer-label-560722' class=' answer'><span>chief operations officer (COO).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136911[]' id='answer-id-560723' class='answer   answerof-136911 ' value='560723'   \/><label for='answer-id-560723' id='answer-label-560723' class=' answer'><span>chief technology officer (CTO).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136911[]' id='answer-id-560724' class='answer   answerof-136911 ' value='560724'   \/><label for='answer-id-560724' id='answer-label-560724' class=' answer'><span>legal counsel.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-42' style=';'><div id='questionWrap-42'  class='   watupro-question-id-136912'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>42. <\/span>Which of the following is the MOST essential task for a chief information security officer (CISO) to perform?<\/div><input type='hidden' name='question_id[]' id='qID_42' value='136912' \/><input type='hidden' id='answerType136912' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136912[]' id='answer-id-560725' class='answer   answerof-136912 ' value='560725'   \/><label for='answer-id-560725' id='answer-label-560725' class=' answer'><span>Update platform-level security settings<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136912[]' id='answer-id-560726' class='answer   answerof-136912 ' value='560726'   \/><label for='answer-id-560726' id='answer-label-560726' class=' answer'><span>Conduct disaster recovery test exercises<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136912[]' id='answer-id-560727' class='answer   answerof-136912 ' value='560727'   \/><label for='answer-id-560727' id='answer-label-560727' class=' answer'><span>Approve access to critical financial systems<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136912[]' id='answer-id-560728' class='answer   answerof-136912 ' value='560728'   \/><label for='answer-id-560728' id='answer-label-560728' class=' answer'><span>Develop an information security strategy paper<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-43' style=';'><div id='questionWrap-43'  class='   watupro-question-id-136913'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>43. <\/span>Developing a successful business case for the acquisition of information security software products can BEST be assisted by:<\/div><input type='hidden' name='question_id[]' id='qID_43' value='136913' \/><input type='hidden' id='answerType136913' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136913[]' id='answer-id-560729' class='answer   answerof-136913 ' value='560729'   \/><label for='answer-id-560729' id='answer-label-560729' class=' answer'><span>assessing the frequency of incidents.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136913[]' id='answer-id-560730' class='answer   answerof-136913 ' value='560730'   \/><label for='answer-id-560730' id='answer-label-560730' class=' answer'><span>quantifying the cost of control failures.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136913[]' id='answer-id-560731' class='answer   answerof-136913 ' value='560731'   \/><label for='answer-id-560731' id='answer-label-560731' class=' answer'><span>calculating return on investment (ROD projections.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136913[]' id='answer-id-560732' class='answer   answerof-136913 ' value='560732'   \/><label for='answer-id-560732' id='answer-label-560732' class=' answer'><span>comparing spending against similar organizations.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-44' style=';'><div id='questionWrap-44'  class='   watupro-question-id-136914'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>44. <\/span>When an information security manager is developing a strategic plan for information security, the timeline for the plan should be:<\/div><input type='hidden' name='question_id[]' id='qID_44' value='136914' \/><input type='hidden' id='answerType136914' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136914[]' id='answer-id-560733' class='answer   answerof-136914 ' value='560733'   \/><label for='answer-id-560733' id='answer-label-560733' class=' answer'><span>aligned with the IT strategic plan.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136914[]' id='answer-id-560734' class='answer   answerof-136914 ' value='560734'   \/><label for='answer-id-560734' id='answer-label-560734' class=' answer'><span>based on the current rate of technological change.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136914[]' id='answer-id-560735' class='answer   answerof-136914 ' value='560735'   \/><label for='answer-id-560735' id='answer-label-560735' class=' answer'><span>three-to-five years for both hardware and software.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136914[]' id='answer-id-560736' class='answer   answerof-136914 ' value='560736'   \/><label for='answer-id-560736' id='answer-label-560736' class=' answer'><span>aligned with the business strategy.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-45' style=';'><div id='questionWrap-45'  class='   watupro-question-id-136915'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>45. <\/span>Which of the following is the MOST important information to include in a strategic plan for information security?<\/div><input type='hidden' name='question_id[]' id='qID_45' value='136915' \/><input type='hidden' id='answerType136915' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136915[]' id='answer-id-560737' class='answer   answerof-136915 ' value='560737'   \/><label for='answer-id-560737' id='answer-label-560737' class=' answer'><span>Information security staffing requirements<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136915[]' id='answer-id-560738' class='answer   answerof-136915 ' value='560738'   \/><label for='answer-id-560738' id='answer-label-560738' class=' answer'><span>Current state and desired future state<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136915[]' id='answer-id-560739' class='answer   answerof-136915 ' value='560739'   \/><label for='answer-id-560739' id='answer-label-560739' class=' answer'><span>IT capital investment requirements<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136915[]' id='answer-id-560740' class='answer   answerof-136915 ' value='560740'   \/><label for='answer-id-560740' id='answer-label-560740' class=' answer'><span>information security mission statement<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-46' style=';'><div id='questionWrap-46'  class='   watupro-question-id-136916'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>46. <\/span>Information security projects should be prioritized on the basis of:<\/div><input type='hidden' name='question_id[]' id='qID_46' value='136916' \/><input type='hidden' id='answerType136916' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136916[]' id='answer-id-560741' class='answer   answerof-136916 ' value='560741'   \/><label for='answer-id-560741' id='answer-label-560741' class=' answer'><span>time required for implementation.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136916[]' id='answer-id-560742' class='answer   answerof-136916 ' value='560742'   \/><label for='answer-id-560742' id='answer-label-560742' class=' answer'><span>impact on the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136916[]' id='answer-id-560743' class='answer   answerof-136916 ' value='560743'   \/><label for='answer-id-560743' id='answer-label-560743' class=' answer'><span>total cost for implementation.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136916[]' id='answer-id-560744' class='answer   answerof-136916 ' value='560744'   \/><label for='answer-id-560744' id='answer-label-560744' class=' answer'><span>mix of resources required.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-47' style=';'><div id='questionWrap-47'  class='   watupro-question-id-136917'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>47. <\/span>Which of the following is the MOST important information to include in an information security standard?<\/div><input type='hidden' name='question_id[]' id='qID_47' value='136917' \/><input type='hidden' id='answerType136917' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136917[]' id='answer-id-560745' class='answer   answerof-136917 ' value='560745'   \/><label for='answer-id-560745' id='answer-label-560745' class=' answer'><span>Creation date<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136917[]' id='answer-id-560746' class='answer   answerof-136917 ' value='560746'   \/><label for='answer-id-560746' id='answer-label-560746' class=' answer'><span>Author name<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136917[]' id='answer-id-560747' class='answer   answerof-136917 ' value='560747'   \/><label for='answer-id-560747' id='answer-label-560747' class=' answer'><span>Initial draft approval date<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136917[]' id='answer-id-560748' class='answer   answerof-136917 ' value='560748'   \/><label for='answer-id-560748' id='answer-label-560748' class=' answer'><span>Last review date<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-48' style=';'><div id='questionWrap-48'  class='   watupro-question-id-136918'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>48. <\/span>Which of the following would BEST prepare an information security manager for regulatory reviews?<\/div><input type='hidden' name='question_id[]' id='qID_48' value='136918' \/><input type='hidden' id='answerType136918' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136918[]' id='answer-id-560749' class='answer   answerof-136918 ' value='560749'   \/><label for='answer-id-560749' id='answer-label-560749' class=' answer'><span>Assign an information security administrator as regulatory liaison<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136918[]' id='answer-id-560750' class='answer   answerof-136918 ' value='560750'   \/><label for='answer-id-560750' id='answer-label-560750' class=' answer'><span>Perform self-assessments using regulatory guidelines and reports<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136918[]' id='answer-id-560751' class='answer   answerof-136918 ' value='560751'   \/><label for='answer-id-560751' id='answer-label-560751' class=' answer'><span>Assess previous regulatory reports with process owners input<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136918[]' id='answer-id-560752' class='answer   answerof-136918 ' value='560752'   \/><label for='answer-id-560752' id='answer-label-560752' class=' answer'><span>Ensure all regulatory inquiries are sanctioned by the legal department<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-49' style=';'><div id='questionWrap-49'  class='   watupro-question-id-136919'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>49. <\/span>An information security manager at a global organization that is subject to regulation by multiple governmental jurisdictions with differing requirements should:<\/div><input type='hidden' name='question_id[]' id='qID_49' value='136919' \/><input type='hidden' id='answerType136919' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136919[]' id='answer-id-560753' class='answer   answerof-136919 ' value='560753'   \/><label for='answer-id-560753' id='answer-label-560753' class=' answer'><span>bring all locations into conformity with the aggregate requirements of all governmental jurisdictions.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136919[]' id='answer-id-560754' class='answer   answerof-136919 ' value='560754'   \/><label for='answer-id-560754' id='answer-label-560754' class=' answer'><span>establish baseline standards for all locations and add supplemental standards as required.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136919[]' id='answer-id-560755' class='answer   answerof-136919 ' value='560755'   \/><label for='answer-id-560755' id='answer-label-560755' class=' answer'><span>bring all locations into conformity with a generally accepted set of industry best practices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136919[]' id='answer-id-560756' class='answer   answerof-136919 ' value='560756'   \/><label for='answer-id-560756' id='answer-label-560756' class=' answer'><span>establish a baseline standard incorporating those requirements that all jurisdictions have in common.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-50' style=';'><div id='questionWrap-50'  class='   watupro-question-id-136920'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>50. <\/span>Which of the following BEST describes an information security manager's role in a multidisciplinary team that will address a new regulatory requirement regarding operational risk?<\/div><input type='hidden' name='question_id[]' id='qID_50' value='136920' \/><input type='hidden' id='answerType136920' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136920[]' id='answer-id-560757' class='answer   answerof-136920 ' value='560757'   \/><label for='answer-id-560757' id='answer-label-560757' class=' answer'><span>Ensure that all IT risks are identified<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136920[]' id='answer-id-560758' class='answer   answerof-136920 ' value='560758'   \/><label for='answer-id-560758' id='answer-label-560758' class=' answer'><span>Evaluate the impact of information security risks<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136920[]' id='answer-id-560759' class='answer   answerof-136920 ' value='560759'   \/><label for='answer-id-560759' id='answer-label-560759' class=' answer'><span>Demonstrate that IT mitigating controls are in place<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136920[]' id='answer-id-560760' class='answer   answerof-136920 ' value='560760'   \/><label for='answer-id-560760' id='answer-label-560760' class=' answer'><span>Suggest new IT controls to mitigate operational risk<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-51' style=';'><div id='questionWrap-51'  class='   watupro-question-id-136921'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>51. <\/span>From an information security manager perspective, what is the immediate benefit of clearly-defined roles and responsibilities?<\/div><input type='hidden' name='question_id[]' id='qID_51' value='136921' \/><input type='hidden' id='answerType136921' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136921[]' id='answer-id-560761' class='answer   answerof-136921 ' value='560761'   \/><label for='answer-id-560761' id='answer-label-560761' class=' answer'><span>Enhanced policy compliance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136921[]' id='answer-id-560762' class='answer   answerof-136921 ' value='560762'   \/><label for='answer-id-560762' id='answer-label-560762' class=' answer'><span>Improved procedure flows<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136921[]' id='answer-id-560763' class='answer   answerof-136921 ' value='560763'   \/><label for='answer-id-560763' id='answer-label-560763' class=' answer'><span>Segregation of duties<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136921[]' id='answer-id-560764' class='answer   answerof-136921 ' value='560764'   \/><label for='answer-id-560764' id='answer-label-560764' class=' answer'><span>Better accountability<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-52' style=';'><div id='questionWrap-52'  class='   watupro-question-id-136922'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>52. <\/span>An internal audit has identified major weaknesses over IT processing. <br \/>\r<br>Which of the following should an information security manager use to BEST convey a sense of urgency to management?<\/div><input type='hidden' name='question_id[]' id='qID_52' value='136922' \/><input type='hidden' id='answerType136922' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136922[]' id='answer-id-560765' class='answer   answerof-136922 ' value='560765'   \/><label for='answer-id-560765' id='answer-label-560765' class=' answer'><span>Security metrics reports<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136922[]' id='answer-id-560766' class='answer   answerof-136922 ' value='560766'   \/><label for='answer-id-560766' id='answer-label-560766' class=' answer'><span>Risk assessment reports<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136922[]' id='answer-id-560767' class='answer   answerof-136922 ' value='560767'   \/><label for='answer-id-560767' id='answer-label-560767' class=' answer'><span>Business impact analysis (BIA)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136922[]' id='answer-id-560768' class='answer   answerof-136922 ' value='560768'   \/><label for='answer-id-560768' id='answer-label-560768' class=' answer'><span>Return on security investment report<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-53' style=';'><div id='questionWrap-53'  class='   watupro-question-id-136923'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>53. <\/span>Reviewing which of the following would BEST ensure that security controls are effective?<\/div><input type='hidden' name='question_id[]' id='qID_53' value='136923' \/><input type='hidden' id='answerType136923' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136923[]' id='answer-id-560769' class='answer   answerof-136923 ' value='560769'   \/><label for='answer-id-560769' id='answer-label-560769' class=' answer'><span>Risk assessment policies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136923[]' id='answer-id-560770' class='answer   answerof-136923 ' value='560770'   \/><label for='answer-id-560770' id='answer-label-560770' class=' answer'><span>Return on security investment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136923[]' id='answer-id-560771' class='answer   answerof-136923 ' value='560771'   \/><label for='answer-id-560771' id='answer-label-560771' class=' answer'><span>Security metrics<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136923[]' id='answer-id-560772' class='answer   answerof-136923 ' value='560772'   \/><label for='answer-id-560772' id='answer-label-560772' class=' answer'><span>User access rights<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-54' style=';'><div id='questionWrap-54'  class='   watupro-question-id-136924'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>54. <\/span>Which of the following is responsible for legal and regulatory liability?<\/div><input type='hidden' name='question_id[]' id='qID_54' value='136924' \/><input type='hidden' id='answerType136924' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136924[]' id='answer-id-560773' class='answer   answerof-136924 ' value='560773'   \/><label for='answer-id-560773' id='answer-label-560773' class=' answer'><span>Chief security officer (CSO)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136924[]' id='answer-id-560774' class='answer   answerof-136924 ' value='560774'   \/><label for='answer-id-560774' id='answer-label-560774' class=' answer'><span>Chief legal counsel (CLC)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136924[]' id='answer-id-560775' class='answer   answerof-136924 ' value='560775'   \/><label for='answer-id-560775' id='answer-label-560775' class=' answer'><span>Board and senior management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136924[]' id='answer-id-560776' class='answer   answerof-136924 ' value='560776'   \/><label for='answer-id-560776' id='answer-label-560776' class=' answer'><span>Information security steering group<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-55' style=';'><div id='questionWrap-55'  class='   watupro-question-id-136925'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>55. <\/span>While implementing information security governance an organization should FIRST:<\/div><input type='hidden' name='question_id[]' id='qID_55' value='136925' \/><input type='hidden' id='answerType136925' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136925[]' id='answer-id-560777' class='answer   answerof-136925 ' value='560777'   \/><label for='answer-id-560777' id='answer-label-560777' class=' answer'><span>adopt security standards.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136925[]' id='answer-id-560778' class='answer   answerof-136925 ' value='560778'   \/><label for='answer-id-560778' id='answer-label-560778' class=' answer'><span>determine security baselines.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136925[]' id='answer-id-560779' class='answer   answerof-136925 ' value='560779'   \/><label for='answer-id-560779' id='answer-label-560779' class=' answer'><span>define the security strategy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136925[]' id='answer-id-560780' class='answer   answerof-136925 ' value='560780'   \/><label for='answer-id-560780' id='answer-label-560780' class=' answer'><span>establish security policies.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-56' style=';'><div id='questionWrap-56'  class='   watupro-question-id-136926'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>56. <\/span>The MOST basic requirement for an information security governance program is to:<\/div><input type='hidden' name='question_id[]' id='qID_56' value='136926' \/><input type='hidden' id='answerType136926' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136926[]' id='answer-id-560781' class='answer   answerof-136926 ' value='560781'   \/><label for='answer-id-560781' id='answer-label-560781' class=' answer'><span>be aligned with the corporate business strategy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136926[]' id='answer-id-560782' class='answer   answerof-136926 ' value='560782'   \/><label for='answer-id-560782' id='answer-label-560782' class=' answer'><span>be based on a sound risk management approach.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136926[]' id='answer-id-560783' class='answer   answerof-136926 ' value='560783'   \/><label for='answer-id-560783' id='answer-label-560783' class=' answer'><span>provide adequate regulatory compliance.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136926[]' id='answer-id-560784' class='answer   answerof-136926 ' value='560784'   \/><label for='answer-id-560784' id='answer-label-560784' class=' answer'><span>provide best practices for security- initiatives.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-57' style=';'><div id='questionWrap-57'  class='   watupro-question-id-136927'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>57. <\/span>Information security policy enforcement is the responsibility of the:<\/div><input type='hidden' name='question_id[]' id='qID_57' value='136927' \/><input type='hidden' id='answerType136927' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136927[]' id='answer-id-560785' class='answer   answerof-136927 ' value='560785'   \/><label for='answer-id-560785' id='answer-label-560785' class=' answer'><span>security steering committee.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136927[]' id='answer-id-560786' class='answer   answerof-136927 ' value='560786'   \/><label for='answer-id-560786' id='answer-label-560786' class=' answer'><span>chief information officer (CIO).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136927[]' id='answer-id-560787' class='answer   answerof-136927 ' value='560787'   \/><label for='answer-id-560787' id='answer-label-560787' class=' answer'><span>chief information security officer (CISO).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136927[]' id='answer-id-560788' class='answer   answerof-136927 ' value='560788'   \/><label for='answer-id-560788' id='answer-label-560788' class=' answer'><span>chief compliance officer (CCO).<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-58' style=';'><div id='questionWrap-58'  class='   watupro-question-id-136928'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>58. <\/span>A good privacy statement should include:<\/div><input type='hidden' name='question_id[]' id='qID_58' value='136928' \/><input type='hidden' id='answerType136928' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136928[]' id='answer-id-560789' class='answer   answerof-136928 ' value='560789'   \/><label for='answer-id-560789' id='answer-label-560789' class=' answer'><span>notification of liability on accuracy of information.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136928[]' id='answer-id-560790' class='answer   answerof-136928 ' value='560790'   \/><label for='answer-id-560790' id='answer-label-560790' class=' answer'><span>notification that information will be encrypted.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136928[]' id='answer-id-560791' class='answer   answerof-136928 ' value='560791'   \/><label for='answer-id-560791' id='answer-label-560791' class=' answer'><span>what the company will do with information it collects.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136928[]' id='answer-id-560792' class='answer   answerof-136928 ' value='560792'   \/><label for='answer-id-560792' id='answer-label-560792' class=' answer'><span>a description of the information classification process.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-59' style=';'><div id='questionWrap-59'  class='   watupro-question-id-136929'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>59. <\/span>Which of the following would be MOST effective in successfully implementing restrictive password policies?<\/div><input type='hidden' name='question_id[]' id='qID_59' value='136929' \/><input type='hidden' id='answerType136929' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136929[]' id='answer-id-560793' class='answer   answerof-136929 ' value='560793'   \/><label for='answer-id-560793' id='answer-label-560793' class=' answer'><span>Regular password audits<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136929[]' id='answer-id-560794' class='answer   answerof-136929 ' value='560794'   \/><label for='answer-id-560794' id='answer-label-560794' class=' answer'><span>Single sign-on system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136929[]' id='answer-id-560795' class='answer   answerof-136929 ' value='560795'   \/><label for='answer-id-560795' id='answer-label-560795' class=' answer'><span>Security awareness program<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136929[]' id='answer-id-560796' class='answer   answerof-136929 ' value='560796'   \/><label for='answer-id-560796' id='answer-label-560796' class=' answer'><span>Penalties for noncompliance<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-60' style=';'><div id='questionWrap-60'  class='   watupro-question-id-136930'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>60. <\/span>When designing an information security quarterly report to management, the MOST important element to be considered should be the:<\/div><input type='hidden' name='question_id[]' id='qID_60' value='136930' \/><input type='hidden' id='answerType136930' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136930[]' id='answer-id-560797' class='answer   answerof-136930 ' value='560797'   \/><label for='answer-id-560797' id='answer-label-560797' class=' answer'><span>information security metrics.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136930[]' id='answer-id-560798' class='answer   answerof-136930 ' value='560798'   \/><label for='answer-id-560798' id='answer-label-560798' class=' answer'><span>knowledge required to analyze each issue.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136930[]' id='answer-id-560799' class='answer   answerof-136930 ' value='560799'   \/><label for='answer-id-560799' id='answer-label-560799' class=' answer'><span>linkage to business area objectives.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136930[]' id='answer-id-560800' class='answer   answerof-136930 ' value='560800'   \/><label for='answer-id-560800' id='answer-label-560800' class=' answer'><span>baseline against which metrics are evaluated.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-61' style=';'><div id='questionWrap-61'  class='   watupro-question-id-136931'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>61. <\/span>An information security manager at a global organization has to ensure that the local information security program will initially ensure compliance with the:<\/div><input type='hidden' name='question_id[]' id='qID_61' value='136931' \/><input type='hidden' id='answerType136931' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136931[]' id='answer-id-560801' class='answer   answerof-136931 ' value='560801'   \/><label for='answer-id-560801' id='answer-label-560801' class=' answer'><span>corporate data privacy policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136931[]' id='answer-id-560802' class='answer   answerof-136931 ' value='560802'   \/><label for='answer-id-560802' id='answer-label-560802' class=' answer'><span>data privacy policy where data are collected.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136931[]' id='answer-id-560803' class='answer   answerof-136931 ' value='560803'   \/><label for='answer-id-560803' id='answer-label-560803' class=' answer'><span>data privacy policy of the headquarters' country.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136931[]' id='answer-id-560804' class='answer   answerof-136931 ' value='560804'   \/><label for='answer-id-560804' id='answer-label-560804' class=' answer'><span>data privacy directive applicable globally.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-62' style=';'><div id='questionWrap-62'  class='   watupro-question-id-136932'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>62. <\/span>A new regulation for safeguarding information processed by a specific type of transaction has come to the attention of an information security officer. The officer should FIRST:<\/div><input type='hidden' name='question_id[]' id='qID_62' value='136932' \/><input type='hidden' id='answerType136932' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136932[]' id='answer-id-560805' class='answer   answerof-136932 ' value='560805'   \/><label for='answer-id-560805' id='answer-label-560805' class=' answer'><span>meet with stakeholders to decide how to comply.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136932[]' id='answer-id-560806' class='answer   answerof-136932 ' value='560806'   \/><label for='answer-id-560806' id='answer-label-560806' class=' answer'><span>analyze key risks in the compliance process.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136932[]' id='answer-id-560807' class='answer   answerof-136932 ' value='560807'   \/><label for='answer-id-560807' id='answer-label-560807' class=' answer'><span>assess whether existing controls meet the regulation.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136932[]' id='answer-id-560808' class='answer   answerof-136932 ' value='560808'   \/><label for='answer-id-560808' id='answer-label-560808' class=' answer'><span>update the existing security\/privacy policy.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-63' style=';'><div id='questionWrap-63'  class='   watupro-question-id-136933'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>63. <\/span>The PRIMARY objective of a security steering group is to:<\/div><input type='hidden' name='question_id[]' id='qID_63' value='136933' \/><input type='hidden' id='answerType136933' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136933[]' id='answer-id-560809' class='answer   answerof-136933 ' value='560809'   \/><label for='answer-id-560809' id='answer-label-560809' class=' answer'><span>ensure information security covers all business functions.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136933[]' id='answer-id-560810' class='answer   answerof-136933 ' value='560810'   \/><label for='answer-id-560810' id='answer-label-560810' class=' answer'><span>ensure information security aligns with business goals.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136933[]' id='answer-id-560811' class='answer   answerof-136933 ' value='560811'   \/><label for='answer-id-560811' id='answer-label-560811' class=' answer'><span>raise information security awareness across the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136933[]' id='answer-id-560812' class='answer   answerof-136933 ' value='560812'   \/><label for='answer-id-560812' id='answer-label-560812' class=' answer'><span>implement all decisions on security management across the organization.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-64' style=';'><div id='questionWrap-64'  class='   watupro-question-id-136934'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>64. <\/span>Data owners must provide a safe and secure environment to ensure confidentiality, integrity and availability of the transaction. This is an example of an information security:<\/div><input type='hidden' name='question_id[]' id='qID_64' value='136934' \/><input type='hidden' id='answerType136934' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136934[]' id='answer-id-560813' class='answer   answerof-136934 ' value='560813'   \/><label for='answer-id-560813' id='answer-label-560813' class=' answer'><span>baseline.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136934[]' id='answer-id-560814' class='answer   answerof-136934 ' value='560814'   \/><label for='answer-id-560814' id='answer-label-560814' class=' answer'><span>strategy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136934[]' id='answer-id-560815' class='answer   answerof-136934 ' value='560815'   \/><label for='answer-id-560815' id='answer-label-560815' class=' answer'><span>procedure.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136934[]' id='answer-id-560816' class='answer   answerof-136934 ' value='560816'   \/><label for='answer-id-560816' id='answer-label-560816' class=' answer'><span>policy.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-65' style=';'><div id='questionWrap-65'  class='   watupro-question-id-136935'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>65. <\/span>At what stage of the applications development process should the security department initially become involved?<\/div><input type='hidden' name='question_id[]' id='qID_65' value='136935' \/><input type='hidden' id='answerType136935' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136935[]' id='answer-id-560817' class='answer   answerof-136935 ' value='560817'   \/><label for='answer-id-560817' id='answer-label-560817' class=' answer'><span>When requested<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136935[]' id='answer-id-560818' class='answer   answerof-136935 ' value='560818'   \/><label for='answer-id-560818' id='answer-label-560818' class=' answer'><span>At testing<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136935[]' id='answer-id-560819' class='answer   answerof-136935 ' value='560819'   \/><label for='answer-id-560819' id='answer-label-560819' class=' answer'><span>At programming<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136935[]' id='answer-id-560820' class='answer   answerof-136935 ' value='560820'   \/><label for='answer-id-560820' id='answer-label-560820' class=' answer'><span>At detail requirements<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-66' style=';'><div id='questionWrap-66'  class='   watupro-question-id-136936'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>66. <\/span>A security manager is preparing a report to obtain the commitment of executive management to a security program. Inclusion of which of the following would be of MOST value?<\/div><input type='hidden' name='question_id[]' id='qID_66' value='136936' \/><input type='hidden' id='answerType136936' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136936[]' id='answer-id-560821' class='answer   answerof-136936 ' value='560821'   \/><label for='answer-id-560821' id='answer-label-560821' class=' answer'><span>Examples of genuine incidents at similar organizations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136936[]' id='answer-id-560822' class='answer   answerof-136936 ' value='560822'   \/><label for='answer-id-560822' id='answer-label-560822' class=' answer'><span>Statement of generally accepted best practices<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136936[]' id='answer-id-560823' class='answer   answerof-136936 ' value='560823'   \/><label for='answer-id-560823' id='answer-label-560823' class=' answer'><span>Associating realistic threats to corporate objectives<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136936[]' id='answer-id-560824' class='answer   answerof-136936 ' value='560824'   \/><label for='answer-id-560824' id='answer-label-560824' class=' answer'><span>Analysis of current technological exposures<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-67' style=';'><div id='questionWrap-67'  class='   watupro-question-id-136937'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>67. <\/span>The PRIMARY concern of an information security manager documenting a formal data retention policy would be:<\/div><input type='hidden' name='question_id[]' id='qID_67' value='136937' \/><input type='hidden' id='answerType136937' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136937[]' id='answer-id-560825' class='answer   answerof-136937 ' value='560825'   \/><label for='answer-id-560825' id='answer-label-560825' class=' answer'><span>generally accepted industry best practices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136937[]' id='answer-id-560826' class='answer   answerof-136937 ' value='560826'   \/><label for='answer-id-560826' id='answer-label-560826' class=' answer'><span>business requirements.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136937[]' id='answer-id-560827' class='answer   answerof-136937 ' value='560827'   \/><label for='answer-id-560827' id='answer-label-560827' class=' answer'><span>legislative and regulatory requirements.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136937[]' id='answer-id-560828' class='answer   answerof-136937 ' value='560828'   \/><label for='answer-id-560828' id='answer-label-560828' class=' answer'><span>storage availability.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-68' style=';'><div id='questionWrap-68'  class='   watupro-question-id-136938'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>68. <\/span>When personal information is transmitted across networks, there MUST be adequate controls over:<\/div><input type='hidden' name='question_id[]' id='qID_68' value='136938' \/><input type='hidden' id='answerType136938' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136938[]' id='answer-id-560829' class='answer   answerof-136938 ' value='560829'   \/><label for='answer-id-560829' id='answer-label-560829' class=' answer'><span>change management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136938[]' id='answer-id-560830' class='answer   answerof-136938 ' value='560830'   \/><label for='answer-id-560830' id='answer-label-560830' class=' answer'><span>privacy protection.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136938[]' id='answer-id-560831' class='answer   answerof-136938 ' value='560831'   \/><label for='answer-id-560831' id='answer-label-560831' class=' answer'><span>consent to data transfer.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136938[]' id='answer-id-560832' class='answer   answerof-136938 ' value='560832'   \/><label for='answer-id-560832' id='answer-label-560832' class=' answer'><span>encryption devices.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-69' style=';'><div id='questionWrap-69'  class='   watupro-question-id-136939'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>69. <\/span>An organization's information security processes are currently defined as ad hoc. In seeking to improve their performance level, the next step for the organization should be to:<\/div><input type='hidden' name='question_id[]' id='qID_69' value='136939' \/><input type='hidden' id='answerType136939' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136939[]' id='answer-id-560833' class='answer   answerof-136939 ' value='560833'   \/><label for='answer-id-560833' id='answer-label-560833' class=' answer'><span>ensure that security processes are consistent across the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136939[]' id='answer-id-560834' class='answer   answerof-136939 ' value='560834'   \/><label for='answer-id-560834' id='answer-label-560834' class=' answer'><span>enforce baseline security levels across the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136939[]' id='answer-id-560835' class='answer   answerof-136939 ' value='560835'   \/><label for='answer-id-560835' id='answer-label-560835' class=' answer'><span>ensure that security processes are fully documented.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136939[]' id='answer-id-560836' class='answer   answerof-136939 ' value='560836'   \/><label for='answer-id-560836' id='answer-label-560836' class=' answer'><span>implement monitoring of key performance indicators for security processes.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-70' style=';'><div id='questionWrap-70'  class='   watupro-question-id-136940'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>70. <\/span>Who in an organization has the responsibility for classifying information?<\/div><input type='hidden' name='question_id[]' id='qID_70' value='136940' \/><input type='hidden' id='answerType136940' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136940[]' id='answer-id-560837' class='answer   answerof-136940 ' value='560837'   \/><label for='answer-id-560837' id='answer-label-560837' class=' answer'><span>Data custodian<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136940[]' id='answer-id-560838' class='answer   answerof-136940 ' value='560838'   \/><label for='answer-id-560838' id='answer-label-560838' class=' answer'><span>Database administrator<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136940[]' id='answer-id-560839' class='answer   answerof-136940 ' value='560839'   \/><label for='answer-id-560839' id='answer-label-560839' class=' answer'><span>Information security officer<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136940[]' id='answer-id-560840' class='answer   answerof-136940 ' value='560840'   \/><label for='answer-id-560840' id='answer-label-560840' class=' answer'><span>Data owner<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-71' style=';'><div id='questionWrap-71'  class='   watupro-question-id-136941'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>71. <\/span>What is the PRIMARY role of the information security manager in the process of information classification within an organization?<\/div><input type='hidden' name='question_id[]' id='qID_71' value='136941' \/><input type='hidden' id='answerType136941' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136941[]' id='answer-id-560841' class='answer   answerof-136941 ' value='560841'   \/><label for='answer-id-560841' id='answer-label-560841' class=' answer'><span>Defining and ratifying the classification structure of information assets<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136941[]' id='answer-id-560842' class='answer   answerof-136941 ' value='560842'   \/><label for='answer-id-560842' id='answer-label-560842' class=' answer'><span>Deciding the classification levels applied to the organization's information assets<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136941[]' id='answer-id-560843' class='answer   answerof-136941 ' value='560843'   \/><label for='answer-id-560843' id='answer-label-560843' class=' answer'><span>Securing information assets in accordance with their classification<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136941[]' id='answer-id-560844' class='answer   answerof-136941 ' value='560844'   \/><label for='answer-id-560844' id='answer-label-560844' class=' answer'><span>Checking if information assets have been classified properly<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-72' style=';'><div id='questionWrap-72'  class='   watupro-question-id-136942'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>72. <\/span>Logging is an example of which type of defense against systems compromise?<\/div><input type='hidden' name='question_id[]' id='qID_72' value='136942' \/><input type='hidden' id='answerType136942' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136942[]' id='answer-id-560845' class='answer   answerof-136942 ' value='560845'   \/><label for='answer-id-560845' id='answer-label-560845' class=' answer'><span>Containment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136942[]' id='answer-id-560846' class='answer   answerof-136942 ' value='560846'   \/><label for='answer-id-560846' id='answer-label-560846' class=' answer'><span>Detection<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136942[]' id='answer-id-560847' class='answer   answerof-136942 ' value='560847'   \/><label for='answer-id-560847' id='answer-label-560847' class=' answer'><span>Reaction<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136942[]' id='answer-id-560848' class='answer   answerof-136942 ' value='560848'   \/><label for='answer-id-560848' id='answer-label-560848' class=' answer'><span>Recovery<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-73' style=';'><div id='questionWrap-73'  class='   watupro-question-id-136943'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>73. <\/span>Which of the following is MOST important in developing a security strategy?<\/div><input type='hidden' name='question_id[]' id='qID_73' value='136943' \/><input type='hidden' id='answerType136943' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136943[]' id='answer-id-560849' class='answer   answerof-136943 ' value='560849'   \/><label for='answer-id-560849' id='answer-label-560849' class=' answer'><span>Creating a positive business security environment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136943[]' id='answer-id-560850' class='answer   answerof-136943 ' value='560850'   \/><label for='answer-id-560850' id='answer-label-560850' class=' answer'><span>Understanding key business objectives<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136943[]' id='answer-id-560851' class='answer   answerof-136943 ' value='560851'   \/><label for='answer-id-560851' id='answer-label-560851' class=' answer'><span>Having a reporting line to senior management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136943[]' id='answer-id-560852' class='answer   answerof-136943 ' value='560852'   \/><label for='answer-id-560852' id='answer-label-560852' class=' answer'><span>Allocating sufficient resources to information security<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-74' style=';'><div id='questionWrap-74'  class='   watupro-question-id-136944'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>74. <\/span>Who is ultimately responsible for the organization's information?<\/div><input type='hidden' name='question_id[]' id='qID_74' value='136944' \/><input type='hidden' id='answerType136944' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136944[]' id='answer-id-560853' class='answer   answerof-136944 ' value='560853'   \/><label for='answer-id-560853' id='answer-label-560853' class=' answer'><span>Data custodian<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136944[]' id='answer-id-560854' class='answer   answerof-136944 ' value='560854'   \/><label for='answer-id-560854' id='answer-label-560854' class=' answer'><span>Chief information security officer (CISO)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136944[]' id='answer-id-560855' class='answer   answerof-136944 ' value='560855'   \/><label for='answer-id-560855' id='answer-label-560855' class=' answer'><span>Board of directors<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136944[]' id='answer-id-560856' class='answer   answerof-136944 ' value='560856'   \/><label for='answer-id-560856' id='answer-label-560856' class=' answer'><span>Chief information officer (CIO)<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-75' style=';'><div id='questionWrap-75'  class='   watupro-question-id-136945'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>75. <\/span>Which of the following factors is a PRIMARY driver for information security governance that does not require any further justification?<\/div><input type='hidden' name='question_id[]' id='qID_75' value='136945' \/><input type='hidden' id='answerType136945' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136945[]' id='answer-id-560857' class='answer   answerof-136945 ' value='560857'   \/><label for='answer-id-560857' id='answer-label-560857' class=' answer'><span>Alignment with industry best practices<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136945[]' id='answer-id-560858' class='answer   answerof-136945 ' value='560858'   \/><label for='answer-id-560858' id='answer-label-560858' class=' answer'><span>Business continuity investment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136945[]' id='answer-id-560859' class='answer   answerof-136945 ' value='560859'   \/><label for='answer-id-560859' id='answer-label-560859' class=' answer'><span>Business benefits<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136945[]' id='answer-id-560860' class='answer   answerof-136945 ' value='560860'   \/><label for='answer-id-560860' id='answer-label-560860' class=' answer'><span>Regulatory compliance<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-76' style=';'><div id='questionWrap-76'  class='   watupro-question-id-136946'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>76. <\/span>A security manager meeting the requirements for the international flow of personal data will need to ensure:<\/div><input type='hidden' name='question_id[]' id='qID_76' value='136946' \/><input type='hidden' id='answerType136946' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136946[]' id='answer-id-560861' class='answer   answerof-136946 ' value='560861'   \/><label for='answer-id-560861' id='answer-label-560861' class=' answer'><span>a data processing agreement.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136946[]' id='answer-id-560862' class='answer   answerof-136946 ' value='560862'   \/><label for='answer-id-560862' id='answer-label-560862' class=' answer'><span>a data protection registration.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136946[]' id='answer-id-560863' class='answer   answerof-136946 ' value='560863'   \/><label for='answer-id-560863' id='answer-label-560863' class=' answer'><span>the agreement of the data subjects.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136946[]' id='answer-id-560864' class='answer   answerof-136946 ' value='560864'   \/><label for='answer-id-560864' id='answer-label-560864' class=' answer'><span>subject access procedures.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-77' style=';'><div id='questionWrap-77'  class='   watupro-question-id-136947'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>77. <\/span>An information security manager mapping a job description to types of data access is MOST likely to adhere to which of the following information security principles?<\/div><input type='hidden' name='question_id[]' id='qID_77' value='136947' \/><input type='hidden' id='answerType136947' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136947[]' id='answer-id-560865' class='answer   answerof-136947 ' value='560865'   \/><label for='answer-id-560865' id='answer-label-560865' class=' answer'><span>Ethics<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136947[]' id='answer-id-560866' class='answer   answerof-136947 ' value='560866'   \/><label for='answer-id-560866' id='answer-label-560866' class=' answer'><span>Proportionality<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136947[]' id='answer-id-560867' class='answer   answerof-136947 ' value='560867'   \/><label for='answer-id-560867' id='answer-label-560867' class=' answer'><span>Integration<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136947[]' id='answer-id-560868' class='answer   answerof-136947 ' value='560868'   \/><label for='answer-id-560868' id='answer-label-560868' class=' answer'><span>Accountability<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-78' style=';'><div id='questionWrap-78'  class='   watupro-question-id-136948'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>78. <\/span>Which of the following is the MOST important prerequisite for establishing information security management within an organization?<\/div><input type='hidden' name='question_id[]' id='qID_78' value='136948' \/><input type='hidden' id='answerType136948' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136948[]' id='answer-id-560869' class='answer   answerof-136948 ' value='560869'   \/><label for='answer-id-560869' id='answer-label-560869' class=' answer'><span>Senior management commitment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136948[]' id='answer-id-560870' class='answer   answerof-136948 ' value='560870'   \/><label for='answer-id-560870' id='answer-label-560870' class=' answer'><span>Information security framework<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136948[]' id='answer-id-560871' class='answer   answerof-136948 ' value='560871'   \/><label for='answer-id-560871' id='answer-label-560871' class=' answer'><span>Information security organizational structure<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136948[]' id='answer-id-560872' class='answer   answerof-136948 ' value='560872'   \/><label for='answer-id-560872' id='answer-label-560872' class=' answer'><span>Information security policy<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-79' style=';'><div id='questionWrap-79'  class='   watupro-question-id-136949'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>79. <\/span>What will have the HIGHEST impact on standard information security governance models?<\/div><input type='hidden' name='question_id[]' id='qID_79' value='136949' \/><input type='hidden' id='answerType136949' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136949[]' id='answer-id-560873' class='answer   answerof-136949 ' value='560873'   \/><label for='answer-id-560873' id='answer-label-560873' class=' answer'><span>Number of employees<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136949[]' id='answer-id-560874' class='answer   answerof-136949 ' value='560874'   \/><label for='answer-id-560874' id='answer-label-560874' class=' answer'><span>Distance between physical locations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136949[]' id='answer-id-560875' class='answer   answerof-136949 ' value='560875'   \/><label for='answer-id-560875' id='answer-label-560875' class=' answer'><span>Complexity of organizational structure<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136949[]' id='answer-id-560876' class='answer   answerof-136949 ' value='560876'   \/><label for='answer-id-560876' id='answer-label-560876' class=' answer'><span>Organizational budget<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-80' style=';'><div id='questionWrap-80'  class='   watupro-question-id-136950'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>80. <\/span>In order to highlight to management, the importance of integrating information security in the business processes, a newly hired information security officer should FIRST:<\/div><input type='hidden' name='question_id[]' id='qID_80' value='136950' \/><input type='hidden' id='answerType136950' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136950[]' id='answer-id-560877' class='answer   answerof-136950 ' value='560877'   \/><label for='answer-id-560877' id='answer-label-560877' class=' answer'><span>prepare a security budget.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136950[]' id='answer-id-560878' class='answer   answerof-136950 ' value='560878'   \/><label for='answer-id-560878' id='answer-label-560878' class=' answer'><span>conduct a risk assessment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136950[]' id='answer-id-560879' class='answer   answerof-136950 ' value='560879'   \/><label for='answer-id-560879' id='answer-label-560879' class=' answer'><span>develop an information security policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136950[]' id='answer-id-560880' class='answer   answerof-136950 ' value='560880'   \/><label for='answer-id-560880' id='answer-label-560880' class=' answer'><span>obtain benchmarking information.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-81' style=';'><div id='questionWrap-81'  class='   watupro-question-id-136951'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>81. <\/span>Temporarily deactivating some monitoring processes, even if supported by an acceptance of operational risk, may not be acceptable to the information security manager if:<\/div><input type='hidden' name='question_id[]' id='qID_81' value='136951' \/><input type='hidden' id='answerType136951' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136951[]' id='answer-id-560881' class='answer   answerof-136951 ' value='560881'   \/><label for='answer-id-560881' id='answer-label-560881' class=' answer'><span>it implies compliance risks.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136951[]' id='answer-id-560882' class='answer   answerof-136951 ' value='560882'   \/><label for='answer-id-560882' id='answer-label-560882' class=' answer'><span>short-term impact cannot be determined.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136951[]' id='answer-id-560883' class='answer   answerof-136951 ' value='560883'   \/><label for='answer-id-560883' id='answer-label-560883' class=' answer'><span>it violates industry security practices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136951[]' id='answer-id-560884' class='answer   answerof-136951 ' value='560884'   \/><label for='answer-id-560884' id='answer-label-560884' class=' answer'><span>changes in the roles matrix cannot be detected.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-82' style=';'><div id='questionWrap-82'  class='   watupro-question-id-136952'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>82. <\/span>An outcome of effective security governance is:<\/div><input type='hidden' name='question_id[]' id='qID_82' value='136952' \/><input type='hidden' id='answerType136952' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136952[]' id='answer-id-560885' class='answer   answerof-136952 ' value='560885'   \/><label for='answer-id-560885' id='answer-label-560885' class=' answer'><span>business dependency assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136952[]' id='answer-id-560886' class='answer   answerof-136952 ' value='560886'   \/><label for='answer-id-560886' id='answer-label-560886' class=' answer'><span>strategic alignment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136952[]' id='answer-id-560887' class='answer   answerof-136952 ' value='560887'   \/><label for='answer-id-560887' id='answer-label-560887' class=' answer'><span>risk assessment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136952[]' id='answer-id-560888' class='answer   answerof-136952 ' value='560888'   \/><label for='answer-id-560888' id='answer-label-560888' class=' answer'><span>planning.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-83' style=';'><div id='questionWrap-83'  class='   watupro-question-id-136953'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>83. <\/span>How would an information security manager balance the potentially conflicting requirements of an international organization's security standards and local regulation?<\/div><input type='hidden' name='question_id[]' id='qID_83' value='136953' \/><input type='hidden' id='answerType136953' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136953[]' id='answer-id-560889' class='answer   answerof-136953 ' value='560889'   \/><label for='answer-id-560889' id='answer-label-560889' class=' answer'><span>Give organization standards preference over local regulations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136953[]' id='answer-id-560890' class='answer   answerof-136953 ' value='560890'   \/><label for='answer-id-560890' id='answer-label-560890' class=' answer'><span>Follow local regulations only<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136953[]' id='answer-id-560891' class='answer   answerof-136953 ' value='560891'   \/><label for='answer-id-560891' id='answer-label-560891' class=' answer'><span>Make the organization aware of those standards where local regulations causes conflicts<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136953[]' id='answer-id-560892' class='answer   answerof-136953 ' value='560892'   \/><label for='answer-id-560892' id='answer-label-560892' class=' answer'><span>Negotiate a local version of the organization standards<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-84' style=';'><div id='questionWrap-84'  class='   watupro-question-id-136954'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>84. <\/span>Who should drive the risk analysis for an organization?<\/div><input type='hidden' name='question_id[]' id='qID_84' value='136954' \/><input type='hidden' id='answerType136954' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136954[]' id='answer-id-560893' class='answer   answerof-136954 ' value='560893'   \/><label for='answer-id-560893' id='answer-label-560893' class=' answer'><span>Senior management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136954[]' id='answer-id-560894' class='answer   answerof-136954 ' value='560894'   \/><label for='answer-id-560894' id='answer-label-560894' class=' answer'><span>Security manager<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136954[]' id='answer-id-560895' class='answer   answerof-136954 ' value='560895'   \/><label for='answer-id-560895' id='answer-label-560895' class=' answer'><span>Quality manager<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136954[]' id='answer-id-560896' class='answer   answerof-136954 ' value='560896'   \/><label for='answer-id-560896' id='answer-label-560896' class=' answer'><span>Legal department<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-85' style=';'><div id='questionWrap-85'  class='   watupro-question-id-136955'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>85. <\/span>The FIRST step in developing an information security management program is to:<\/div><input type='hidden' name='question_id[]' id='qID_85' value='136955' \/><input type='hidden' id='answerType136955' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136955[]' id='answer-id-560897' class='answer   answerof-136955 ' value='560897'   \/><label for='answer-id-560897' id='answer-label-560897' class=' answer'><span>identify business risks that affect the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136955[]' id='answer-id-560898' class='answer   answerof-136955 ' value='560898'   \/><label for='answer-id-560898' id='answer-label-560898' class=' answer'><span>clarify organizational purpose for creating the program.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136955[]' id='answer-id-560899' class='answer   answerof-136955 ' value='560899'   \/><label for='answer-id-560899' id='answer-label-560899' class=' answer'><span>assign responsibility for the program.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136955[]' id='answer-id-560900' class='answer   answerof-136955 ' value='560900'   \/><label for='answer-id-560900' id='answer-label-560900' class=' answer'><span>assess adequacy of controls to mitigate business risks.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-86' style=';'><div id='questionWrap-86'  class='   watupro-question-id-136956'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>86. <\/span>Which of the following is the MOST important to keep in mind when assessing the value of information?<\/div><input type='hidden' name='question_id[]' id='qID_86' value='136956' \/><input type='hidden' id='answerType136956' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136956[]' id='answer-id-560901' class='answer   answerof-136956 ' value='560901'   \/><label for='answer-id-560901' id='answer-label-560901' class=' answer'><span>The potential financial loss<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136956[]' id='answer-id-560902' class='answer   answerof-136956 ' value='560902'   \/><label for='answer-id-560902' id='answer-label-560902' class=' answer'><span>The cost of recreating the information<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136956[]' id='answer-id-560903' class='answer   answerof-136956 ' value='560903'   \/><label for='answer-id-560903' id='answer-label-560903' class=' answer'><span>The cost of insurance coverage<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136956[]' id='answer-id-560904' class='answer   answerof-136956 ' value='560904'   \/><label for='answer-id-560904' id='answer-label-560904' class=' answer'><span>Regulatory requirement<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-87' style=';'><div id='questionWrap-87'  class='   watupro-question-id-136957'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>87. <\/span>What would a security manager PRIMARILY utilize when proposing the implementation of a security solution?<\/div><input type='hidden' name='question_id[]' id='qID_87' value='136957' \/><input type='hidden' id='answerType136957' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136957[]' id='answer-id-560905' class='answer   answerof-136957 ' value='560905'   \/><label for='answer-id-560905' id='answer-label-560905' class=' answer'><span>Risk assessment report<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136957[]' id='answer-id-560906' class='answer   answerof-136957 ' value='560906'   \/><label for='answer-id-560906' id='answer-label-560906' class=' answer'><span>Technical evaluation report<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136957[]' id='answer-id-560907' class='answer   answerof-136957 ' value='560907'   \/><label for='answer-id-560907' id='answer-label-560907' class=' answer'><span>Business case<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136957[]' id='answer-id-560908' class='answer   answerof-136957 ' value='560908'   \/><label for='answer-id-560908' id='answer-label-560908' class=' answer'><span>Budgetary requirements<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-88' style=';'><div id='questionWrap-88'  class='   watupro-question-id-136958'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>88. <\/span>To justify its ongoing security budget, which of the following would be of MOST use to the information security' department?<\/div><input type='hidden' name='question_id[]' id='qID_88' value='136958' \/><input type='hidden' id='answerType136958' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136958[]' id='answer-id-560909' class='answer   answerof-136958 ' value='560909'   \/><label for='answer-id-560909' id='answer-label-560909' class=' answer'><span>Security breach frequency<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136958[]' id='answer-id-560910' class='answer   answerof-136958 ' value='560910'   \/><label for='answer-id-560910' id='answer-label-560910' class=' answer'><span>Annualized loss expectancy (ALE)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136958[]' id='answer-id-560911' class='answer   answerof-136958 ' value='560911'   \/><label for='answer-id-560911' id='answer-label-560911' class=' answer'><span>Cost-benefit analysis<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136958[]' id='answer-id-560912' class='answer   answerof-136958 ' value='560912'   \/><label for='answer-id-560912' id='answer-label-560912' class=' answer'><span>Peer group comparison<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-89' style=';'><div id='questionWrap-89'  class='   watupro-question-id-136959'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>89. <\/span>Which of the following situations would MOST inhibit the effective implementation of security governance?<\/div><input type='hidden' name='question_id[]' id='qID_89' value='136959' \/><input type='hidden' id='answerType136959' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136959[]' id='answer-id-560913' class='answer   answerof-136959 ' value='560913'   \/><label for='answer-id-560913' id='answer-label-560913' class=' answer'><span>The complexity of technology<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136959[]' id='answer-id-560914' class='answer   answerof-136959 ' value='560914'   \/><label for='answer-id-560914' id='answer-label-560914' class=' answer'><span>Budgetary constraints<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136959[]' id='answer-id-560915' class='answer   answerof-136959 ' value='560915'   \/><label for='answer-id-560915' id='answer-label-560915' class=' answer'><span>Conflicting business priorities<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136959[]' id='answer-id-560916' class='answer   answerof-136959 ' value='560916'   \/><label for='answer-id-560916' id='answer-label-560916' class=' answer'><span>High-level sponsorship<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-90' style=';'><div id='questionWrap-90'  class='   watupro-question-id-136960'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>90. <\/span>To achieve effective strategic alignment of security initiatives, it is important that:<\/div><input type='hidden' name='question_id[]' id='qID_90' value='136960' \/><input type='hidden' id='answerType136960' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136960[]' id='answer-id-560917' class='answer   answerof-136960 ' value='560917'   \/><label for='answer-id-560917' id='answer-label-560917' class=' answer'><span>Steering committee leadership be selected by rotation.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136960[]' id='answer-id-560918' class='answer   answerof-136960 ' value='560918'   \/><label for='answer-id-560918' id='answer-label-560918' class=' answer'><span>Inputs be obtained and consensus achieved between the major organizational units.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136960[]' id='answer-id-560919' class='answer   answerof-136960 ' value='560919'   \/><label for='answer-id-560919' id='answer-label-560919' class=' answer'><span>The business strategy be updated periodically.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136960[]' id='answer-id-560920' class='answer   answerof-136960 ' value='560920'   \/><label for='answer-id-560920' id='answer-label-560920' class=' answer'><span>Procedures and standards be approved by all departmental heads.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-91' style=';'><div id='questionWrap-91'  class='   watupro-question-id-136961'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>91. <\/span>What would be the MOST significant security risks when using wireless local area network (LAN) technology?<\/div><input type='hidden' name='question_id[]' id='qID_91' value='136961' \/><input type='hidden' id='answerType136961' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136961[]' id='answer-id-560921' class='answer   answerof-136961 ' value='560921'   \/><label for='answer-id-560921' id='answer-label-560921' class=' answer'><span>Man-in-the-middle attack<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136961[]' id='answer-id-560922' class='answer   answerof-136961 ' value='560922'   \/><label for='answer-id-560922' id='answer-label-560922' class=' answer'><span>Spoofing of data packets<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136961[]' id='answer-id-560923' class='answer   answerof-136961 ' value='560923'   \/><label for='answer-id-560923' id='answer-label-560923' class=' answer'><span>Rogue access point<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136961[]' id='answer-id-560924' class='answer   answerof-136961 ' value='560924'   \/><label for='answer-id-560924' id='answer-label-560924' class=' answer'><span>Session hijacking<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-92' style=';'><div id='questionWrap-92'  class='   watupro-question-id-136962'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>92. <\/span>When developing incident response procedures involving servers hosting critical applications, which of the following should be the FIRST to be notified?<\/div><input type='hidden' name='question_id[]' id='qID_92' value='136962' \/><input type='hidden' id='answerType136962' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136962[]' id='answer-id-560925' class='answer   answerof-136962 ' value='560925'   \/><label for='answer-id-560925' id='answer-label-560925' class=' answer'><span>Business management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136962[]' id='answer-id-560926' class='answer   answerof-136962 ' value='560926'   \/><label for='answer-id-560926' id='answer-label-560926' class=' answer'><span>Operations manager<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136962[]' id='answer-id-560927' class='answer   answerof-136962 ' value='560927'   \/><label for='answer-id-560927' id='answer-label-560927' class=' answer'><span>Information security manager<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136962[]' id='answer-id-560928' class='answer   answerof-136962 ' value='560928'   \/><label for='answer-id-560928' id='answer-label-560928' class=' answer'><span>System users<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-93' style=';'><div id='questionWrap-93'  class='   watupro-question-id-136963'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>93. <\/span>In implementing information security governance, the information security manager is PRIMARILY responsible for:<\/div><input type='hidden' name='question_id[]' id='qID_93' value='136963' \/><input type='hidden' id='answerType136963' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136963[]' id='answer-id-560929' class='answer   answerof-136963 ' value='560929'   \/><label for='answer-id-560929' id='answer-label-560929' class=' answer'><span>developing the security strategy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136963[]' id='answer-id-560930' class='answer   answerof-136963 ' value='560930'   \/><label for='answer-id-560930' id='answer-label-560930' class=' answer'><span>reviewing the security strategy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136963[]' id='answer-id-560931' class='answer   answerof-136963 ' value='560931'   \/><label for='answer-id-560931' id='answer-label-560931' class=' answer'><span>communicating the security strategy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136963[]' id='answer-id-560932' class='answer   answerof-136963 ' value='560932'   \/><label for='answer-id-560932' id='answer-label-560932' class=' answer'><span>approving the security strategy<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-94' style=';'><div id='questionWrap-94'  class='   watupro-question-id-136964'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>94. <\/span>An information security strategy document that includes specific links to an organization's business activities is PRIMARILY an indicator of:<\/div><input type='hidden' name='question_id[]' id='qID_94' value='136964' \/><input type='hidden' id='answerType136964' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136964[]' id='answer-id-560933' class='answer   answerof-136964 ' value='560933'   \/><label for='answer-id-560933' id='answer-label-560933' class=' answer'><span>performance measurement.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136964[]' id='answer-id-560934' class='answer   answerof-136964 ' value='560934'   \/><label for='answer-id-560934' id='answer-label-560934' class=' answer'><span>integration.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136964[]' id='answer-id-560935' class='answer   answerof-136964 ' value='560935'   \/><label for='answer-id-560935' id='answer-label-560935' class=' answer'><span>alignment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136964[]' id='answer-id-560936' class='answer   answerof-136964 ' value='560936'   \/><label for='answer-id-560936' id='answer-label-560936' class=' answer'><span>value delivery.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-95' style=';'><div id='questionWrap-95'  class='   watupro-question-id-136965'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>95. <\/span>When an organization is setting up a relationship with a third-party IT service provider, which of the following is one of the MOST important topics to include in the contract from a security standpoint?<\/div><input type='hidden' name='question_id[]' id='qID_95' value='136965' \/><input type='hidden' id='answerType136965' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136965[]' id='answer-id-560937' class='answer   answerof-136965 ' value='560937'   \/><label for='answer-id-560937' id='answer-label-560937' class=' answer'><span>Compliance with international security standards.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136965[]' id='answer-id-560938' class='answer   answerof-136965 ' value='560938'   \/><label for='answer-id-560938' id='answer-label-560938' class=' answer'><span>Use of a two-factor authentication system.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136965[]' id='answer-id-560939' class='answer   answerof-136965 ' value='560939'   \/><label for='answer-id-560939' id='answer-label-560939' class=' answer'><span>Existence of an alternate hot site in case of business disruption.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136965[]' id='answer-id-560940' class='answer   answerof-136965 ' value='560940'   \/><label for='answer-id-560940' id='answer-label-560940' class=' answer'><span>Compliance with the organization's information security requirements.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-96' style=';'><div id='questionWrap-96'  class='   watupro-question-id-136966'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>96. <\/span>To justify the need to invest in a forensic analysis tool, an information security manager should FIRST:<\/div><input type='hidden' name='question_id[]' id='qID_96' value='136966' \/><input type='hidden' id='answerType136966' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136966[]' id='answer-id-560941' class='answer   answerof-136966 ' value='560941'   \/><label for='answer-id-560941' id='answer-label-560941' class=' answer'><span>review the functionalities and implementation requirements of the solution.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136966[]' id='answer-id-560942' class='answer   answerof-136966 ' value='560942'   \/><label for='answer-id-560942' id='answer-label-560942' class=' answer'><span>review comparison reports of tool implementation in peer companies.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136966[]' id='answer-id-560943' class='answer   answerof-136966 ' value='560943'   \/><label for='answer-id-560943' id='answer-label-560943' class=' answer'><span>provide examples of situations where such a tool would be useful.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136966[]' id='answer-id-560944' class='answer   answerof-136966 ' value='560944'   \/><label for='answer-id-560944' id='answer-label-560944' class=' answer'><span>substantiate the investment in meeting organizational needs.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-97' style=';'><div id='questionWrap-97'  class='   watupro-question-id-136967'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>97. <\/span>The MOST useful way to describe the objectives in the information security strategy is through:<\/div><input type='hidden' name='question_id[]' id='qID_97' value='136967' \/><input type='hidden' id='answerType136967' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136967[]' id='answer-id-560945' class='answer   answerof-136967 ' value='560945'   \/><label for='answer-id-560945' id='answer-label-560945' class=' answer'><span>attributes and characteristics of the 'desired state.&quot;<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136967[]' id='answer-id-560946' class='answer   answerof-136967 ' value='560946'   \/><label for='answer-id-560946' id='answer-label-560946' class=' answer'><span>overall control objectives of the security program.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136967[]' id='answer-id-560947' class='answer   answerof-136967 ' value='560947'   \/><label for='answer-id-560947' id='answer-label-560947' class=' answer'><span>mapping the IT systems to key business processes.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136967[]' id='answer-id-560948' class='answer   answerof-136967 ' value='560948'   \/><label for='answer-id-560948' id='answer-label-560948' class=' answer'><span>calculation of annual loss expectations.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-98' style=';'><div id='questionWrap-98'  class='   watupro-question-id-136968'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>98. <\/span>In order to highlight to management, the importance of network security, the security manager should FIRST:<\/div><input type='hidden' name='question_id[]' id='qID_98' value='136968' \/><input type='hidden' id='answerType136968' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136968[]' id='answer-id-560949' class='answer   answerof-136968 ' value='560949'   \/><label for='answer-id-560949' id='answer-label-560949' class=' answer'><span>develop a security architecture.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136968[]' id='answer-id-560950' class='answer   answerof-136968 ' value='560950'   \/><label for='answer-id-560950' id='answer-label-560950' class=' answer'><span>install a network intrusion detection system (NIDS) and prepare a list of attacks.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136968[]' id='answer-id-560951' class='answer   answerof-136968 ' value='560951'   \/><label for='answer-id-560951' id='answer-label-560951' class=' answer'><span>develop a network security policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136968[]' id='answer-id-560952' class='answer   answerof-136968 ' value='560952'   \/><label for='answer-id-560952' id='answer-label-560952' class=' answer'><span>conduct a risk assessment.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-99' style=';'><div id='questionWrap-99'  class='   watupro-question-id-136969'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>99. <\/span>When developing an information security program, what is the MOST useful source of information for determining available resources?<\/div><input type='hidden' name='question_id[]' id='qID_99' value='136969' \/><input type='hidden' id='answerType136969' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136969[]' id='answer-id-560953' class='answer   answerof-136969 ' value='560953'   \/><label for='answer-id-560953' id='answer-label-560953' class=' answer'><span>Proficiency test<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136969[]' id='answer-id-560954' class='answer   answerof-136969 ' value='560954'   \/><label for='answer-id-560954' id='answer-label-560954' class=' answer'><span>Job descriptions<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136969[]' id='answer-id-560955' class='answer   answerof-136969 ' value='560955'   \/><label for='answer-id-560955' id='answer-label-560955' class=' answer'><span>Organization chart<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136969[]' id='answer-id-560956' class='answer   answerof-136969 ' value='560956'   \/><label for='answer-id-560956' id='answer-label-560956' class=' answer'><span>Skills inventory<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-100' style=';'><div id='questionWrap-100'  class='   watupro-question-id-136970'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>100. <\/span>The MOST important characteristic of good security policies is that they:<\/div><input type='hidden' name='question_id[]' id='qID_100' value='136970' \/><input type='hidden' id='answerType136970' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136970[]' id='answer-id-560957' class='answer   answerof-136970 ' value='560957'   \/><label for='answer-id-560957' id='answer-label-560957' class=' answer'><span>state expectations of IT management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136970[]' id='answer-id-560958' class='answer   answerof-136970 ' value='560958'   \/><label for='answer-id-560958' id='answer-label-560958' class=' answer'><span>state only one general security mandate.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136970[]' id='answer-id-560959' class='answer   answerof-136970 ' value='560959'   \/><label for='answer-id-560959' id='answer-label-560959' class=' answer'><span>are aligned with organizational goals.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-136970[]' id='answer-id-560960' class='answer   answerof-136970 ' value='560960'   \/><label for='answer-id-560960' id='answer-label-560960' class=' answer'><span>govern the creation of procedures and guidelines.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div style='display:none' id='question-101'>\n\t<div class='question-content'>\n\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\" alt=\"Loading...\" title=\"Loading...\" \/>&nbsp;Loading...\t<\/div>\n<\/div>\n\n<br \/>\n\t\n\t\t\t<div class=\"watupro_buttons flex \" id=\"watuPROButtons4377\" >\n\t\t  <div id=\"prev-question\" style=\"display:none;\"><input type=\"button\" value=\"&lt; Previous\" onclick=\"WatuPRO.nextQuestion(event, 'previous');\"\/><\/div>\t\t  \t\t  \t\t   \n\t\t   \t  \t\t<div><input type=\"button\" name=\"action\" class=\"watupro-submit-button\" onclick=\"WatuPRO.submitResult(event)\" id=\"action-button\" value=\"View Results\"  \/>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\n\t<input type=\"hidden\" name=\"quiz_id\" value=\"4377\" id=\"watuPROExamID\"\/>\n\t<input type=\"hidden\" name=\"start_time\" id=\"startTime\" value=\"2026-05-07 19:32:40\" \/>\n\t<input type=\"hidden\" name=\"start_timestamp\" id=\"startTimeStamp\" value=\"1778182360\" \/>\n\t<input type=\"hidden\" name=\"question_ids\" value=\"\" \/>\n\t<input type=\"hidden\" name=\"watupro_questions\" value=\"136871:560561,560562,560563,560564 | 136872:560565,560566,560567,560568 | 136873:560569,560570,560571,560572 | 136874:560573,560574,560575,560576 | 136875:560577,560578,560579,560580 | 136876:560581,560582,560583,560584 | 136877:560585,560586,560587,560588 | 136878:560589,560590,560591,560592 | 136879:560593,560594,560595,560596 | 136880:560597,560598,560599,560600 | 136881:560601,560602,560603,560604 | 136882:560605,560606,560607,560608 | 136883:560609,560610,560611,560612 | 136884:560613,560614,560615,560616 | 136885:560617,560618,560619,560620 | 136886:560621,560622,560623,560624 | 136887:560625,560626,560627,560628 | 136888:560629,560630,560631,560632 | 136889:560633,560634,560635,560636 | 136890:560637,560638,560639,560640 | 136891:560641,560642,560643,560644 | 136892:560645,560646,560647,560648 | 136893:560649,560650,560651,560652 | 136894:560653,560654,560655,560656 | 136895:560657,560658,560659,560660 | 136896:560661,560662,560663,560664 | 136897:560665,560666,560667,560668 | 136898:560669,560670,560671,560672 | 136899:560673,560674,560675,560676 | 136900:560677,560678,560679,560680 | 136901:560681,560682,560683,560684 | 136902:560685,560686,560687,560688 | 136903:560689,560690,560691,560692 | 136904:560693,560694,560695,560696 | 136905:560697,560698,560699,560700 | 136906:560701,560702,560703,560704 | 136907:560705,560706,560707,560708 | 136908:560709,560710,560711,560712 | 136909:560713,560714,560715,560716 | 136910:560717,560718,560719,560720 | 136911:560721,560722,560723,560724 | 136912:560725,560726,560727,560728 | 136913:560729,560730,560731,560732 | 136914:560733,560734,560735,560736 | 136915:560737,560738,560739,560740 | 136916:560741,560742,560743,560744 | 136917:560745,560746,560747,560748 | 136918:560749,560750,560751,560752 | 136919:560753,560754,560755,560756 | 136920:560757,560758,560759,560760 | 136921:560761,560762,560763,560764 | 136922:560765,560766,560767,560768 | 136923:560769,560770,560771,560772 | 136924:560773,560774,560775,560776 | 136925:560777,560778,560779,560780 | 136926:560781,560782,560783,560784 | 136927:560785,560786,560787,560788 | 136928:560789,560790,560791,560792 | 136929:560793,560794,560795,560796 | 136930:560797,560798,560799,560800 | 136931:560801,560802,560803,560804 | 136932:560805,560806,560807,560808 | 136933:560809,560810,560811,560812 | 136934:560813,560814,560815,560816 | 136935:560817,560818,560819,560820 | 136936:560821,560822,560823,560824 | 136937:560825,560826,560827,560828 | 136938:560829,560830,560831,560832 | 136939:560833,560834,560835,560836 | 136940:560837,560838,560839,560840 | 136941:560841,560842,560843,560844 | 136942:560845,560846,560847,560848 | 136943:560849,560850,560851,560852 | 136944:560853,560854,560855,560856 | 136945:560857,560858,560859,560860 | 136946:560861,560862,560863,560864 | 136947:560865,560866,560867,560868 | 136948:560869,560870,560871,560872 | 136949:560873,560874,560875,560876 | 136950:560877,560878,560879,560880 | 136951:560881,560882,560883,560884 | 136952:560885,560886,560887,560888 | 136953:560889,560890,560891,560892 | 136954:560893,560894,560895,560896 | 136955:560897,560898,560899,560900 | 136956:560901,560902,560903,560904 | 136957:560905,560906,560907,560908 | 136958:560909,560910,560911,560912 | 136959:560913,560914,560915,560916 | 136960:560917,560918,560919,560920 | 136961:560921,560922,560923,560924 | 136962:560925,560926,560927,560928 | 136963:560929,560930,560931,560932 | 136964:560933,560934,560935,560936 | 136965:560937,560938,560939,560940 | 136966:560941,560942,560943,560944 | 136967:560945,560946,560947,560948 | 136968:560949,560950,560951,560952 | 136969:560953,560954,560955,560956 | 136970:560957,560958,560959,560960\" \/>\n\t<input type=\"hidden\" name=\"no_ajax\" value=\"0\">\t\t\t<\/form>\n\t<p>&nbsp;<\/p>\n<\/div>\n\n<script type=\"text\/javascript\">\n\/\/jQuery(document).ready(function(){\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \t\nvar question_ids = \"136871,136872,136873,136874,136875,136876,136877,136878,136879,136880,136881,136882,136883,136884,136885,136886,136887,136888,136889,136890,136891,136892,136893,136894,136895,136896,136897,136898,136899,136900,136901,136902,136903,136904,136905,136906,136907,136908,136909,136910,136911,136912,136913,136914,136915,136916,136917,136918,136919,136920,136921,136922,136923,136924,136925,136926,136927,136928,136929,136930,136931,136932,136933,136934,136935,136936,136937,136938,136939,136940,136941,136942,136943,136944,136945,136946,136947,136948,136949,136950,136951,136952,136953,136954,136955,136956,136957,136958,136959,136960,136961,136962,136963,136964,136965,136966,136967,136968,136969,136970\";\nWatuPROSettings[4377] = {};\nWatuPRO.qArr = question_ids.split(',');\nWatuPRO.exam_id = 4377;\t    \nWatuPRO.post_id = 8214;\nWatuPRO.store_progress = 0;\nWatuPRO.curCatPage = 1;\nWatuPRO.requiredIDs=\"0\".split(\",\");\nWatuPRO.hAppID = \"0.05130000 1778182360\";\nvar url = \"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/show_exam.php\";\nWatuPRO.examMode = 1;\nWatuPRO.siteURL=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-admin\/admin-ajax.php\";\nWatuPRO.emailIsNotRequired = 0;\nWatuPROIntel.init(4377);\nWatuPRO.inCategoryPages=1;});    \t \n<\/script>\n","protected":false},"excerpt":{"rendered":"<p>Why choosing CISM practice exam dumps online? We can be sure that you can get the biggest help to prepare for your Certified Information Security Manager exam well. Certified Information Security Manager (CISM) is issued by ISACA, which indicates expertise in information security governance, program development and management, incident management and risk management.\u00a0 We collect [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[429,431],"tags":[9404,9409,9407,9406,9408,9405],"class_list":["post-8214","post","type-post","status-publish","format-standard","hentry","category-isaca","category-isaca-certificaton","tag-cism","tag-cism-dumps","tag-cism-dumps-questions","tag-cism-exam-dumps","tag-cism-exam-questions","tag-cism-free-dumps"],"_links":{"self":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/8214","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/comments?post=8214"}],"version-history":[{"count":1,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/8214\/revisions"}],"predecessor-version":[{"id":8216,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/8214\/revisions\/8216"}],"wp:attachment":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/media?parent=8214"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/categories?post=8214"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/tags?post=8214"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}