{"id":96901,"date":"2025-02-21T06:25:04","date_gmt":"2025-02-21T06:25:04","guid":{"rendered":"https:\/\/www.dumpsbase.com\/freedumps\/?p=96901"},"modified":"2025-02-21T06:25:04","modified_gmt":"2025-02-21T06:25:04","slug":"712-50-updated-dumps-v11-02-maximize-your-chances-of-success-in-the-ec-council-certified-ciso-cciso-exam-on-the-first-try","status":"publish","type":"post","link":"https:\/\/www.dumpsbase.com\/freedumps\/712-50-updated-dumps-v11-02-maximize-your-chances-of-success-in-the-ec-council-certified-ciso-cciso-exam-on-the-first-try.html","title":{"rendered":"712-50 Updated Dumps (V11.02) &#8211; Maximize Your Chances of Success in the EC-Council Certified CISO (CCISO) Exam on the First Try"},"content":{"rendered":"<p>Earning the EC-Council Certified CISO (CCISO) certification not only validates your information security expertise but also opens the door to high-paying, leadership-oriented roles in cybersecurity. But how to earn the CCISO certification successfully? Choose DumpsBase 712-50 dumps as your preparation materials to complete the 712-50 exam. Everyone wants to pass on their first attempt to save both time and money. By working through relevant and up-to-date 712-50 dumps from DumpsBase, you sharpen your skills quickly and avoid wasting effort on outdated material. Choose the 712-50 updated dumps (V11.02). The comprehensive dumps let you pinpoint which topics you\u2019ve mastered and which ones need more focus. This targeted approach ensures you allocate study time efficiently and strategically.<\/p>\n<h2><em><span style=\"background-color: #ffff00;\">712-50 Free Dumps<\/span><\/em> for Checking the EC-Council Certified CISO (CCISO) Dumps (V11.02)<\/h2>\n<script>\n\t  window.fbAsyncInit = function() {\n\t    FB.init({\n\t      appId            : '622169541470367',\n\t      autoLogAppEvents : true,\n\t      xfbml            : true,\n\t      version          : 'v3.1'\n\t    });\n\t  };\n\t\n\t  (function(d, s, id){\n\t     var js, fjs = d.getElementsByTagName(s)[0];\n\t     if (d.getElementById(id)) {return;}\n\t     js = d.createElement(s); js.id = id;\n\t     js.src = \"https:\/\/connect.facebook.net\/en_US\/sdk.js\";\n\t     fjs.parentNode.insertBefore(js, fjs);\n\t   }(document, 'script', 'facebook-jssdk'));\n\t<\/script><script type=\"text\/javascript\" >\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \nif(!window.jQuery) alert(\"The important jQuery library is not properly loaded in your site. Your WordPress theme is probably missing the essential wp_head() call. You can switch to another theme and you will see that the plugin works fine and this notice disappears. If you are still not sure what to do you can contact us for help.\");\n});\n<\/script>  \n  \n<div  id=\"watupro_quiz\" class=\"quiz-area single-page-quiz\">\n<p id=\"submittingExam9466\" style=\"display:none;text-align:center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\"><\/p>\n\n<div class=\"watupro-exam-description\" id=\"description-quiz-9466\"><\/div>\n\n<form action=\"\" method=\"post\" class=\"quiz-form\" id=\"quiz-9466\"  enctype=\"multipart\/form-data\" >\n<div class='watu-question ' id='question-1' style=';'><div id='questionWrap-1'  class='   watupro-question-id-378800'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>1. <\/span>Credit card information, medical data, and government records are all examples of:<\/div><input type='hidden' name='question_id[]' id='qID_1' value='378800' \/><input type='hidden' id='answerType378800' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378800[]' id='answer-id-1474279' class='answer   answerof-378800 ' value='1474279'   \/><label for='answer-id-1474279' id='answer-label-1474279' class=' answer'><span>Confidential\/Protected Information<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378800[]' id='answer-id-1474280' class='answer   answerof-378800 ' value='1474280'   \/><label for='answer-id-1474280' id='answer-label-1474280' class=' answer'><span>Bodily Information<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378800[]' id='answer-id-1474281' class='answer   answerof-378800 ' value='1474281'   \/><label for='answer-id-1474281' id='answer-label-1474281' class=' answer'><span>Territorial Information<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378800[]' id='answer-id-1474282' class='answer   answerof-378800 ' value='1474282'   \/><label for='answer-id-1474282' id='answer-label-1474282' class=' answer'><span>Communications Information<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-2' style=';'><div id='questionWrap-2'  class='   watupro-question-id-378801'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>2. <\/span>The establishment of a formal risk management framework and system authorization program is essential. The LAST step of the system authorization process is:<\/div><input type='hidden' name='question_id[]' id='qID_2' value='378801' \/><input type='hidden' id='answerType378801' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378801[]' id='answer-id-1474283' class='answer   answerof-378801 ' value='1474283'   \/><label for='answer-id-1474283' id='answer-label-1474283' class=' answer'><span>Contacting the Internet Service Provider for an IP scope<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378801[]' id='answer-id-1474284' class='answer   answerof-378801 ' value='1474284'   \/><label for='answer-id-1474284' id='answer-label-1474284' class=' answer'><span>Getting authority to operate the system from executive management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378801[]' id='answer-id-1474285' class='answer   answerof-378801 ' value='1474285'   \/><label for='answer-id-1474285' id='answer-label-1474285' class=' answer'><span>Changing the default passwords<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378801[]' id='answer-id-1474286' class='answer   answerof-378801 ' value='1474286'   \/><label for='answer-id-1474286' id='answer-label-1474286' class=' answer'><span>Conducting a final scan of the live system and mitigating all high and medium level vulnerabilities<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-3' style=';'><div id='questionWrap-3'  class='   watupro-question-id-378802'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>3. <\/span>The single most important consideration to make when developing your security program, policies, and processes is:<\/div><input type='hidden' name='question_id[]' id='qID_3' value='378802' \/><input type='hidden' id='answerType378802' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378802[]' id='answer-id-1474287' class='answer   answerof-378802 ' value='1474287'   \/><label for='answer-id-1474287' id='answer-label-1474287' class=' answer'><span>Budgeting for unforeseen data compromises<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378802[]' id='answer-id-1474288' class='answer   answerof-378802 ' value='1474288'   \/><label for='answer-id-1474288' id='answer-label-1474288' class=' answer'><span>Streamlining for efficiency<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378802[]' id='answer-id-1474289' class='answer   answerof-378802 ' value='1474289'   \/><label for='answer-id-1474289' id='answer-label-1474289' class=' answer'><span>Alignment with the business<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378802[]' id='answer-id-1474290' class='answer   answerof-378802 ' value='1474290'   \/><label for='answer-id-1474290' id='answer-label-1474290' class=' answer'><span>Establishing your authority as the Security Executive<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-4' style=';'><div id='questionWrap-4'  class='   watupro-question-id-378803'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>4. <\/span>An organization's Information Security Policy is of MOST importance because<\/div><input type='hidden' name='question_id[]' id='qID_4' value='378803' \/><input type='hidden' id='answerType378803' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378803[]' id='answer-id-1474291' class='answer   answerof-378803 ' value='1474291'   \/><label for='answer-id-1474291' id='answer-label-1474291' class=' answer'><span>it communicates management\u2019s commitment to protecting information resources<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378803[]' id='answer-id-1474292' class='answer   answerof-378803 ' value='1474292'   \/><label for='answer-id-1474292' id='answer-label-1474292' class=' answer'><span>it is formally acknowledged by all employees and vendors<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378803[]' id='answer-id-1474293' class='answer   answerof-378803 ' value='1474293'   \/><label for='answer-id-1474293' id='answer-label-1474293' class=' answer'><span>it defines a process to meet compliance requirements<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378803[]' id='answer-id-1474294' class='answer   answerof-378803 ' value='1474294'   \/><label for='answer-id-1474294' id='answer-label-1474294' class=' answer'><span>it establishes a framework to protect confidential information<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-5' style=';'><div id='questionWrap-5'  class='   watupro-question-id-378804'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>5. <\/span>Developing effective security controls is a balance between:<\/div><input type='hidden' name='question_id[]' id='qID_5' value='378804' \/><input type='hidden' id='answerType378804' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378804[]' id='answer-id-1474295' class='answer   answerof-378804 ' value='1474295'   \/><label for='answer-id-1474295' id='answer-label-1474295' class=' answer'><span>Risk Management and Operations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378804[]' id='answer-id-1474296' class='answer   answerof-378804 ' value='1474296'   \/><label for='answer-id-1474296' id='answer-label-1474296' class=' answer'><span>Corporate Culture and Job Expectations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378804[]' id='answer-id-1474297' class='answer   answerof-378804 ' value='1474297'   \/><label for='answer-id-1474297' id='answer-label-1474297' class=' answer'><span>Operations and Regulations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378804[]' id='answer-id-1474298' class='answer   answerof-378804 ' value='1474298'   \/><label for='answer-id-1474298' id='answer-label-1474298' class=' answer'><span>Technology and Vendor Management<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-6' style=';'><div id='questionWrap-6'  class='   watupro-question-id-378805'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>6. <\/span>The PRIMARY objective for information security program development should be:<\/div><input type='hidden' name='question_id[]' id='qID_6' value='378805' \/><input type='hidden' id='answerType378805' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378805[]' id='answer-id-1474299' class='answer   answerof-378805 ' value='1474299'   \/><label for='answer-id-1474299' id='answer-label-1474299' class=' answer'><span>Reducing the impact of the risk to the business.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378805[]' id='answer-id-1474300' class='answer   answerof-378805 ' value='1474300'   \/><label for='answer-id-1474300' id='answer-label-1474300' class=' answer'><span>Establishing strategic alignment with bunsiness continuity requirements<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378805[]' id='answer-id-1474301' class='answer   answerof-378805 ' value='1474301'   \/><label for='answer-id-1474301' id='answer-label-1474301' class=' answer'><span>Establishing incident response programs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378805[]' id='answer-id-1474302' class='answer   answerof-378805 ' value='1474302'   \/><label for='answer-id-1474302' id='answer-label-1474302' class=' answer'><span>Identifying and implementing the best security solutions.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-7' style=';'><div id='questionWrap-7'  class='   watupro-question-id-378806'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>7. <\/span>Which of the following should be determined while defining risk management strategies?<\/div><input type='hidden' name='question_id[]' id='qID_7' value='378806' \/><input type='hidden' id='answerType378806' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378806[]' id='answer-id-1474303' class='answer   answerof-378806 ' value='1474303'   \/><label for='answer-id-1474303' id='answer-label-1474303' class=' answer'><span>Organizational objectives and risk tolerance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378806[]' id='answer-id-1474304' class='answer   answerof-378806 ' value='1474304'   \/><label for='answer-id-1474304' id='answer-label-1474304' class=' answer'><span>Risk assessment criteria<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378806[]' id='answer-id-1474305' class='answer   answerof-378806 ' value='1474305'   \/><label for='answer-id-1474305' id='answer-label-1474305' class=' answer'><span>IT architecture complexity<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378806[]' id='answer-id-1474306' class='answer   answerof-378806 ' value='1474306'   \/><label for='answer-id-1474306' id='answer-label-1474306' class=' answer'><span>Enterprise disaster recovery plans<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-8' style=';'><div id='questionWrap-8'  class='   watupro-question-id-378807'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>8. <\/span>Who in the organization determines access to information?<\/div><input type='hidden' name='question_id[]' id='qID_8' value='378807' \/><input type='hidden' id='answerType378807' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378807[]' id='answer-id-1474307' class='answer   answerof-378807 ' value='1474307'   \/><label for='answer-id-1474307' id='answer-label-1474307' class=' answer'><span>Legal department<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378807[]' id='answer-id-1474308' class='answer   answerof-378807 ' value='1474308'   \/><label for='answer-id-1474308' id='answer-label-1474308' class=' answer'><span>Compliance officer<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378807[]' id='answer-id-1474309' class='answer   answerof-378807 ' value='1474309'   \/><label for='answer-id-1474309' id='answer-label-1474309' class=' answer'><span>Data Owner<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378807[]' id='answer-id-1474310' class='answer   answerof-378807 ' value='1474310'   \/><label for='answer-id-1474310' id='answer-label-1474310' class=' answer'><span>Information security officer<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-9' style=';'><div id='questionWrap-9'  class='   watupro-question-id-378808'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>9. <\/span>Which of the following is a benefit of information security governance?<\/div><input type='hidden' name='question_id[]' id='qID_9' value='378808' \/><input type='hidden' id='answerType378808' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378808[]' id='answer-id-1474311' class='answer   answerof-378808 ' value='1474311'   \/><label for='answer-id-1474311' id='answer-label-1474311' class=' answer'><span>Questioning the trust in vendor relationships.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378808[]' id='answer-id-1474312' class='answer   answerof-378808 ' value='1474312'   \/><label for='answer-id-1474312' id='answer-label-1474312' class=' answer'><span>Increasing the risk of decisions based on incomplete management information.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378808[]' id='answer-id-1474313' class='answer   answerof-378808 ' value='1474313'   \/><label for='answer-id-1474313' id='answer-label-1474313' class=' answer'><span>Direct involvement of senior management in developing control processes<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378808[]' id='answer-id-1474314' class='answer   answerof-378808 ' value='1474314'   \/><label for='answer-id-1474314' id='answer-label-1474314' class=' answer'><span>Reduction of the potential for civil and legal liability<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-10' style=';'><div id='questionWrap-10'  class='   watupro-question-id-378809'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>10. <\/span>Which of the following is the MOST important benefit of an effective security governance process?<\/div><input type='hidden' name='question_id[]' id='qID_10' value='378809' \/><input type='hidden' id='answerType378809' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378809[]' id='answer-id-1474315' class='answer   answerof-378809 ' value='1474315'   \/><label for='answer-id-1474315' id='answer-label-1474315' class=' answer'><span>Reduction of liability and overall risk to the organization<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378809[]' id='answer-id-1474316' class='answer   answerof-378809 ' value='1474316'   \/><label for='answer-id-1474316' id='answer-label-1474316' class=' answer'><span>Better vendor management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378809[]' id='answer-id-1474317' class='answer   answerof-378809 ' value='1474317'   \/><label for='answer-id-1474317' id='answer-label-1474317' class=' answer'><span>Reduction of security breaches<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378809[]' id='answer-id-1474318' class='answer   answerof-378809 ' value='1474318'   \/><label for='answer-id-1474318' id='answer-label-1474318' class=' answer'><span>Senior management participation in the incident response process<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-11' style=';'><div id='questionWrap-11'  class='   watupro-question-id-378810'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>11. <\/span>The FIRST step in establishing a security governance program is to?<\/div><input type='hidden' name='question_id[]' id='qID_11' value='378810' \/><input type='hidden' id='answerType378810' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378810[]' id='answer-id-1474319' class='answer   answerof-378810 ' value='1474319'   \/><label for='answer-id-1474319' id='answer-label-1474319' class=' answer'><span>Conduct a risk assessment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378810[]' id='answer-id-1474320' class='answer   answerof-378810 ' value='1474320'   \/><label for='answer-id-1474320' id='answer-label-1474320' class=' answer'><span>Obtain senior level sponsorship.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378810[]' id='answer-id-1474321' class='answer   answerof-378810 ' value='1474321'   \/><label for='answer-id-1474321' id='answer-label-1474321' class=' answer'><span>Conduct a workshop for all end users.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378810[]' id='answer-id-1474322' class='answer   answerof-378810 ' value='1474322'   \/><label for='answer-id-1474322' id='answer-label-1474322' class=' answer'><span>Prepare a security budget.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-12' style=';'><div id='questionWrap-12'  class='   watupro-question-id-378811'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>12. <\/span>Which of the following has the GREATEST impact on the implementation of an information security <br \/>\r<br>governance model?<\/div><input type='hidden' name='question_id[]' id='qID_12' value='378811' \/><input type='hidden' id='answerType378811' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378811[]' id='answer-id-1474323' class='answer   answerof-378811 ' value='1474323'   \/><label for='answer-id-1474323' id='answer-label-1474323' class=' answer'><span>Organizational budget<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378811[]' id='answer-id-1474324' class='answer   answerof-378811 ' value='1474324'   \/><label for='answer-id-1474324' id='answer-label-1474324' class=' answer'><span>Distance between physical locations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378811[]' id='answer-id-1474325' class='answer   answerof-378811 ' value='1474325'   \/><label for='answer-id-1474325' id='answer-label-1474325' class=' answer'><span>Number of employees<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378811[]' id='answer-id-1474326' class='answer   answerof-378811 ' value='1474326'   \/><label for='answer-id-1474326' id='answer-label-1474326' class=' answer'><span>Complexity of organizational structure<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-13' style=';'><div id='questionWrap-13'  class='   watupro-question-id-378812'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>13. <\/span>From an information security perspective, information that no longer supports the main purpose of the business should be:<\/div><input type='hidden' name='question_id[]' id='qID_13' value='378812' \/><input type='hidden' id='answerType378812' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378812[]' id='answer-id-1474327' class='answer   answerof-378812 ' value='1474327'   \/><label for='answer-id-1474327' id='answer-label-1474327' class=' answer'><span>assessed by a business impact analysis.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378812[]' id='answer-id-1474328' class='answer   answerof-378812 ' value='1474328'   \/><label for='answer-id-1474328' id='answer-label-1474328' class=' answer'><span>protected under the information classification policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378812[]' id='answer-id-1474329' class='answer   answerof-378812 ' value='1474329'   \/><label for='answer-id-1474329' id='answer-label-1474329' class=' answer'><span>analyzed under the data ownership policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378812[]' id='answer-id-1474330' class='answer   answerof-378812 ' value='1474330'   \/><label for='answer-id-1474330' id='answer-label-1474330' class=' answer'><span>analyzed under the retention policy<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-14' style=';'><div id='questionWrap-14'  class='   watupro-question-id-378813'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>14. <\/span>When briefing senior management on the creation of a governance process, the MOST important aspect should be:<\/div><input type='hidden' name='question_id[]' id='qID_14' value='378813' \/><input type='hidden' id='answerType378813' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378813[]' id='answer-id-1474331' class='answer   answerof-378813 ' value='1474331'   \/><label for='answer-id-1474331' id='answer-label-1474331' class=' answer'><span>information security metrics.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378813[]' id='answer-id-1474332' class='answer   answerof-378813 ' value='1474332'   \/><label for='answer-id-1474332' id='answer-label-1474332' class=' answer'><span>knowledge required to analyze each issue.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378813[]' id='answer-id-1474333' class='answer   answerof-378813 ' value='1474333'   \/><label for='answer-id-1474333' id='answer-label-1474333' class=' answer'><span>baseline against which metrics are evaluated.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378813[]' id='answer-id-1474334' class='answer   answerof-378813 ' value='1474334'   \/><label for='answer-id-1474334' id='answer-label-1474334' class=' answer'><span>linkage to business area objectives.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-15' style=';'><div id='questionWrap-15'  class='   watupro-question-id-378814'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>15. <\/span>Which of the following most commonly falls within the scope of an information security governance steering committee?<\/div><input type='hidden' name='question_id[]' id='qID_15' value='378814' \/><input type='hidden' id='answerType378814' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378814[]' id='answer-id-1474335' class='answer   answerof-378814 ' value='1474335'   \/><label for='answer-id-1474335' id='answer-label-1474335' class=' answer'><span>Approving access to critical financial systems<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378814[]' id='answer-id-1474336' class='answer   answerof-378814 ' value='1474336'   \/><label for='answer-id-1474336' id='answer-label-1474336' class=' answer'><span>Developing content for security awareness programs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378814[]' id='answer-id-1474337' class='answer   answerof-378814 ' value='1474337'   \/><label for='answer-id-1474337' id='answer-label-1474337' class=' answer'><span>Interviewing candidates for information security specialist positions<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378814[]' id='answer-id-1474338' class='answer   answerof-378814 ' value='1474338'   \/><label for='answer-id-1474338' id='answer-label-1474338' class=' answer'><span>Vetting information security policies<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-16' style=';'><div id='questionWrap-16'  class='   watupro-question-id-378815'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>16. <\/span>A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. <br \/>\r<br>Which of the following is the MOST likely reason for the policy shortcomings?<\/div><input type='hidden' name='question_id[]' id='qID_16' value='378815' \/><input type='hidden' id='answerType378815' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378815[]' id='answer-id-1474339' class='answer   answerof-378815 ' value='1474339'   \/><label for='answer-id-1474339' id='answer-label-1474339' class=' answer'><span>Lack of a formal security awareness program<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378815[]' id='answer-id-1474340' class='answer   answerof-378815 ' value='1474340'   \/><label for='answer-id-1474340' id='answer-label-1474340' class=' answer'><span>Lack of a formal security policy governance process<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378815[]' id='answer-id-1474341' class='answer   answerof-378815 ' value='1474341'   \/><label for='answer-id-1474341' id='answer-label-1474341' class=' answer'><span>Lack of formal definition of roles and responsibilities<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378815[]' id='answer-id-1474342' class='answer   answerof-378815 ' value='1474342'   \/><label for='answer-id-1474342' id='answer-label-1474342' class=' answer'><span>Lack of a formal risk management policy<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-17' style=';'><div id='questionWrap-17'  class='   watupro-question-id-378816'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>17. <\/span>Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?<\/div><input type='hidden' name='question_id[]' id='qID_17' value='378816' \/><input type='hidden' id='answerType378816' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378816[]' id='answer-id-1474343' class='answer   answerof-378816 ' value='1474343'   \/><label for='answer-id-1474343' id='answer-label-1474343' class=' answer'><span>Need to comply with breach disclosure laws<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378816[]' id='answer-id-1474344' class='answer   answerof-378816 ' value='1474344'   \/><label for='answer-id-1474344' id='answer-label-1474344' class=' answer'><span>Need to transfer the risk associated with hosting PII data<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378816[]' id='answer-id-1474345' class='answer   answerof-378816 ' value='1474345'   \/><label for='answer-id-1474345' id='answer-label-1474345' class=' answer'><span>Need to better understand the risk associated with using PII data<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378816[]' id='answer-id-1474346' class='answer   answerof-378816 ' value='1474346'   \/><label for='answer-id-1474346' id='answer-label-1474346' class=' answer'><span>Fiduciary responsibility to safeguard credit card information<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-18' style=';'><div id='questionWrap-18'  class='   watupro-question-id-378817'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>18. <\/span>The alerting, monitoring and life-cycle management of security related events is typically handled by the<\/div><input type='hidden' name='question_id[]' id='qID_18' value='378817' \/><input type='hidden' id='answerType378817' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378817[]' id='answer-id-1474347' class='answer   answerof-378817 ' value='1474347'   \/><label for='answer-id-1474347' id='answer-label-1474347' class=' answer'><span>security threat and vulnerability management process<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378817[]' id='answer-id-1474348' class='answer   answerof-378817 ' value='1474348'   \/><label for='answer-id-1474348' id='answer-label-1474348' class=' answer'><span>risk assessment process<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378817[]' id='answer-id-1474349' class='answer   answerof-378817 ' value='1474349'   \/><label for='answer-id-1474349' id='answer-label-1474349' class=' answer'><span>risk management process<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378817[]' id='answer-id-1474350' class='answer   answerof-378817 ' value='1474350'   \/><label for='answer-id-1474350' id='answer-label-1474350' class=' answer'><span>governance, risk, and compliance tools<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-19' style=';'><div id='questionWrap-19'  class='   watupro-question-id-378818'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>19. <\/span>One of the MAIN goals of a Business Continuity Plan is to<\/div><input type='hidden' name='question_id[]' id='qID_19' value='378818' \/><input type='hidden' id='answerType378818' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378818[]' id='answer-id-1474351' class='answer   answerof-378818 ' value='1474351'   \/><label for='answer-id-1474351' id='answer-label-1474351' class=' answer'><span>Ensure all infrastructure and applications are available in the event of a disaster<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378818[]' id='answer-id-1474352' class='answer   answerof-378818 ' value='1474352'   \/><label for='answer-id-1474352' id='answer-label-1474352' class=' answer'><span>Allow all technical first-responders to understand their roles in the event of a disaster<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378818[]' id='answer-id-1474353' class='answer   answerof-378818 ' value='1474353'   \/><label for='answer-id-1474353' id='answer-label-1474353' class=' answer'><span>Provide step by step plans to recover business processes in the event of a disaster<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378818[]' id='answer-id-1474354' class='answer   answerof-378818 ' value='1474354'   \/><label for='answer-id-1474354' id='answer-label-1474354' class=' answer'><span>Assign responsibilities to the technical teams responsible for the recovery of all data.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-20' style=';'><div id='questionWrap-20'  class='   watupro-question-id-378819'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>20. <\/span>When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?<\/div><input type='hidden' name='question_id[]' id='qID_20' value='378819' \/><input type='hidden' id='answerType378819' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378819[]' id='answer-id-1474355' class='answer   answerof-378819 ' value='1474355'   \/><label for='answer-id-1474355' id='answer-label-1474355' class=' answer'><span>An independent Governance, Risk and Compliance organization<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378819[]' id='answer-id-1474356' class='answer   answerof-378819 ' value='1474356'   \/><label for='answer-id-1474356' id='answer-label-1474356' class=' answer'><span>Alignment of security goals with business goals<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378819[]' id='answer-id-1474357' class='answer   answerof-378819 ' value='1474357'   \/><label for='answer-id-1474357' id='answer-label-1474357' class=' answer'><span>Compliance with local privacy regulations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378819[]' id='answer-id-1474358' class='answer   answerof-378819 ' value='1474358'   \/><label for='answer-id-1474358' id='answer-label-1474358' class=' answer'><span>Support from Legal and HR teams<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-21' style=';'><div id='questionWrap-21'  class='   watupro-question-id-378820'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>21. <\/span>Which of the following is considered the MOST effective tool against social engineering?<\/div><input type='hidden' name='question_id[]' id='qID_21' value='378820' \/><input type='hidden' id='answerType378820' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378820[]' id='answer-id-1474359' class='answer   answerof-378820 ' value='1474359'   \/><label for='answer-id-1474359' id='answer-label-1474359' class=' answer'><span>Anti-phishing tools<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378820[]' id='answer-id-1474360' class='answer   answerof-378820 ' value='1474360'   \/><label for='answer-id-1474360' id='answer-label-1474360' class=' answer'><span>Anti-malware tools<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378820[]' id='answer-id-1474361' class='answer   answerof-378820 ' value='1474361'   \/><label for='answer-id-1474361' id='answer-label-1474361' class=' answer'><span>Effective Security Vulnerability Management Program<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378820[]' id='answer-id-1474362' class='answer   answerof-378820 ' value='1474362'   \/><label for='answer-id-1474362' id='answer-label-1474362' class=' answer'><span>Effective Security awareness program<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-22' style=';'><div id='questionWrap-22'  class='   watupro-question-id-378821'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>22. <\/span>When dealing with Security Incident Response procedures, which of the following steps come FIRST when reacting to an incident?<\/div><input type='hidden' name='question_id[]' id='qID_22' value='378821' \/><input type='hidden' id='answerType378821' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378821[]' id='answer-id-1474363' class='answer   answerof-378821 ' value='1474363'   \/><label for='answer-id-1474363' id='answer-label-1474363' class=' answer'><span>Escalation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378821[]' id='answer-id-1474364' class='answer   answerof-378821 ' value='1474364'   \/><label for='answer-id-1474364' id='answer-label-1474364' class=' answer'><span>Recovery<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378821[]' id='answer-id-1474365' class='answer   answerof-378821 ' value='1474365'   \/><label for='answer-id-1474365' id='answer-label-1474365' class=' answer'><span>Eradication<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378821[]' id='answer-id-1474366' class='answer   answerof-378821 ' value='1474366'   \/><label for='answer-id-1474366' id='answer-label-1474366' class=' answer'><span>Containment<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-23' style=';'><div id='questionWrap-23'  class='   watupro-question-id-378822'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>23. <\/span>Which of the following is of MOST importance when security leaders of an organization are required to align security to influence the culture of an organization?<\/div><input type='hidden' name='question_id[]' id='qID_23' value='378822' \/><input type='hidden' id='answerType378822' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378822[]' id='answer-id-1474367' class='answer   answerof-378822 ' value='1474367'   \/><label for='answer-id-1474367' id='answer-label-1474367' class=' answer'><span>Poses a strong technical background<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378822[]' id='answer-id-1474368' class='answer   answerof-378822 ' value='1474368'   \/><label for='answer-id-1474368' id='answer-label-1474368' class=' answer'><span>Understand all regulations affecting the organization<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378822[]' id='answer-id-1474369' class='answer   answerof-378822 ' value='1474369'   \/><label for='answer-id-1474369' id='answer-label-1474369' class=' answer'><span>Understand the business goals of the organization<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378822[]' id='answer-id-1474370' class='answer   answerof-378822 ' value='1474370'   \/><label for='answer-id-1474370' id='answer-label-1474370' class=' answer'><span>Poses a strong auditing background<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-24' style=';'><div id='questionWrap-24'  class='   watupro-question-id-378823'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>24. <\/span>In accordance with best practices and international standards, how often is security awareness training provided to employees of an organization?<\/div><input type='hidden' name='question_id[]' id='qID_24' value='378823' \/><input type='hidden' id='answerType378823' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378823[]' id='answer-id-1474371' class='answer   answerof-378823 ' value='1474371'   \/><label for='answer-id-1474371' id='answer-label-1474371' class=' answer'><span>High risk environments 6 months, low risk environments 12 months<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378823[]' id='answer-id-1474372' class='answer   answerof-378823 ' value='1474372'   \/><label for='answer-id-1474372' id='answer-label-1474372' class=' answer'><span>Every 12 months<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378823[]' id='answer-id-1474373' class='answer   answerof-378823 ' value='1474373'   \/><label for='answer-id-1474373' id='answer-label-1474373' class=' answer'><span>Every 18 months<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378823[]' id='answer-id-1474374' class='answer   answerof-378823 ' value='1474374'   \/><label for='answer-id-1474374' id='answer-label-1474374' class=' answer'><span>Every six months<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-25' style=';'><div id='questionWrap-25'  class='   watupro-question-id-378824'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>25. <\/span>Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization\u2019s products and services?<\/div><input type='hidden' name='question_id[]' id='qID_25' value='378824' \/><input type='hidden' id='answerType378824' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378824[]' id='answer-id-1474375' class='answer   answerof-378824 ' value='1474375'   \/><label for='answer-id-1474375' id='answer-label-1474375' class=' answer'><span>Strong authentication technologies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378824[]' id='answer-id-1474376' class='answer   answerof-378824 ' value='1474376'   \/><label for='answer-id-1474376' id='answer-label-1474376' class=' answer'><span>Financial reporting regulations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378824[]' id='answer-id-1474377' class='answer   answerof-378824 ' value='1474377'   \/><label for='answer-id-1474377' id='answer-label-1474377' class=' answer'><span>Credit card compliance and regulations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378824[]' id='answer-id-1474378' class='answer   answerof-378824 ' value='1474378'   \/><label for='answer-id-1474378' id='answer-label-1474378' class=' answer'><span>Local privacy laws<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-26' style=';'><div id='questionWrap-26'  class='   watupro-question-id-378825'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>26. <\/span>You have implemented a new security control. <br \/>\r<br>Which of the following risk strategy options have you engaged in?<\/div><input type='hidden' name='question_id[]' id='qID_26' value='378825' \/><input type='hidden' id='answerType378825' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378825[]' id='answer-id-1474379' class='answer   answerof-378825 ' value='1474379'   \/><label for='answer-id-1474379' id='answer-label-1474379' class=' answer'><span>Risk Avoidance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378825[]' id='answer-id-1474380' class='answer   answerof-378825 ' value='1474380'   \/><label for='answer-id-1474380' id='answer-label-1474380' class=' answer'><span>Risk Acceptance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378825[]' id='answer-id-1474381' class='answer   answerof-378825 ' value='1474381'   \/><label for='answer-id-1474381' id='answer-label-1474381' class=' answer'><span>Risk Transfer<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378825[]' id='answer-id-1474382' class='answer   answerof-378825 ' value='1474382'   \/><label for='answer-id-1474382' id='answer-label-1474382' class=' answer'><span>Risk Mitigation<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-27' style=';'><div id='questionWrap-27'  class='   watupro-question-id-378826'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>27. <\/span>You have purchased a new insurance policy as part of your risk strategy. <br \/>\r<br>Which of the following risk strategy options have you engaged in?<\/div><input type='hidden' name='question_id[]' id='qID_27' value='378826' \/><input type='hidden' id='answerType378826' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378826[]' id='answer-id-1474383' class='answer   answerof-378826 ' value='1474383'   \/><label for='answer-id-1474383' id='answer-label-1474383' class=' answer'><span>Risk Avoidance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378826[]' id='answer-id-1474384' class='answer   answerof-378826 ' value='1474384'   \/><label for='answer-id-1474384' id='answer-label-1474384' class=' answer'><span>Risk Acceptance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378826[]' id='answer-id-1474385' class='answer   answerof-378826 ' value='1474385'   \/><label for='answer-id-1474385' id='answer-label-1474385' class=' answer'><span>Risk Transfer<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378826[]' id='answer-id-1474386' class='answer   answerof-378826 ' value='1474386'   \/><label for='answer-id-1474386' id='answer-label-1474386' class=' answer'><span>Risk Mitigation<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-28' style=';'><div id='questionWrap-28'  class='   watupro-question-id-378827'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>28. <\/span>Risk that remains after risk mitigation is known as<\/div><input type='hidden' name='question_id[]' id='qID_28' value='378827' \/><input type='hidden' id='answerType378827' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378827[]' id='answer-id-1474387' class='answer   answerof-378827 ' value='1474387'   \/><label for='answer-id-1474387' id='answer-label-1474387' class=' answer'><span>Persistent risk<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378827[]' id='answer-id-1474388' class='answer   answerof-378827 ' value='1474388'   \/><label for='answer-id-1474388' id='answer-label-1474388' class=' answer'><span>Residual risk<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378827[]' id='answer-id-1474389' class='answer   answerof-378827 ' value='1474389'   \/><label for='answer-id-1474389' id='answer-label-1474389' class=' answer'><span>Accepted risk<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378827[]' id='answer-id-1474390' class='answer   answerof-378827 ' value='1474390'   \/><label for='answer-id-1474390' id='answer-label-1474390' class=' answer'><span>Non-tolerated risk<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-29' style=';'><div id='questionWrap-29'  class='   watupro-question-id-378828'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>29. <\/span>After a risk assessment is performed, a particular risk is considered to have the potential of costing the organization 1.2 Million USD. This is an example of<\/div><input type='hidden' name='question_id[]' id='qID_29' value='378828' \/><input type='hidden' id='answerType378828' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378828[]' id='answer-id-1474391' class='answer   answerof-378828 ' value='1474391'   \/><label for='answer-id-1474391' id='answer-label-1474391' class=' answer'><span>Risk Tolerance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378828[]' id='answer-id-1474392' class='answer   answerof-378828 ' value='1474392'   \/><label for='answer-id-1474392' id='answer-label-1474392' class=' answer'><span>Qualitative risk analysis<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378828[]' id='answer-id-1474393' class='answer   answerof-378828 ' value='1474393'   \/><label for='answer-id-1474393' id='answer-label-1474393' class=' answer'><span>Risk Appetite<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378828[]' id='answer-id-1474394' class='answer   answerof-378828 ' value='1474394'   \/><label for='answer-id-1474394' id='answer-label-1474394' class=' answer'><span>Quantitative risk analysis<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-30' style=';'><div id='questionWrap-30'  class='   watupro-question-id-378829'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>30. <\/span>When dealing with a risk management process, asset classification is important because it will impact the overall:<\/div><input type='hidden' name='question_id[]' id='qID_30' value='378829' \/><input type='hidden' id='answerType378829' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378829[]' id='answer-id-1474395' class='answer   answerof-378829 ' value='1474395'   \/><label for='answer-id-1474395' id='answer-label-1474395' class=' answer'><span>Threat identification<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378829[]' id='answer-id-1474396' class='answer   answerof-378829 ' value='1474396'   \/><label for='answer-id-1474396' id='answer-label-1474396' class=' answer'><span>Risk monitoring<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378829[]' id='answer-id-1474397' class='answer   answerof-378829 ' value='1474397'   \/><label for='answer-id-1474397' id='answer-label-1474397' class=' answer'><span>Risk treatment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378829[]' id='answer-id-1474398' class='answer   answerof-378829 ' value='1474398'   \/><label for='answer-id-1474398' id='answer-label-1474398' class=' answer'><span>Risk tolerance<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-31' style=';'><div id='questionWrap-31'  class='   watupro-question-id-378830'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>31. <\/span>Which of the following intellectual Property components is focused on maintaining brand recognition?<\/div><input type='hidden' name='question_id[]' id='qID_31' value='378830' \/><input type='hidden' id='answerType378830' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378830[]' id='answer-id-1474399' class='answer   answerof-378830 ' value='1474399'   \/><label for='answer-id-1474399' id='answer-label-1474399' class=' answer'><span>Trademark<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378830[]' id='answer-id-1474400' class='answer   answerof-378830 ' value='1474400'   \/><label for='answer-id-1474400' id='answer-label-1474400' class=' answer'><span>Patent<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378830[]' id='answer-id-1474401' class='answer   answerof-378830 ' value='1474401'   \/><label for='answer-id-1474401' id='answer-label-1474401' class=' answer'><span>Research Logs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378830[]' id='answer-id-1474402' class='answer   answerof-378830 ' value='1474402'   \/><label for='answer-id-1474402' id='answer-label-1474402' class=' answer'><span>Copyright<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-32' style=';'><div id='questionWrap-32'  class='   watupro-question-id-378831'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>32. <\/span>The framework that helps to define a minimum standard of protection that business stakeholders must attempt to achieve is referred to as a standard of:<\/div><input type='hidden' name='question_id[]' id='qID_32' value='378831' \/><input type='hidden' id='answerType378831' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378831[]' id='answer-id-1474403' class='answer   answerof-378831 ' value='1474403'   \/><label for='answer-id-1474403' id='answer-label-1474403' class=' answer'><span>Due Protection<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378831[]' id='answer-id-1474404' class='answer   answerof-378831 ' value='1474404'   \/><label for='answer-id-1474404' id='answer-label-1474404' class=' answer'><span>Due Care<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378831[]' id='answer-id-1474405' class='answer   answerof-378831 ' value='1474405'   \/><label for='answer-id-1474405' id='answer-label-1474405' class=' answer'><span>Due Compromise<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378831[]' id='answer-id-1474406' class='answer   answerof-378831 ' value='1474406'   \/><label for='answer-id-1474406' id='answer-label-1474406' class=' answer'><span>Due process<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-33' style=';'><div id='questionWrap-33'  class='   watupro-question-id-378832'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>33. <\/span>When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?<\/div><input type='hidden' name='question_id[]' id='qID_33' value='378832' \/><input type='hidden' id='answerType378832' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378832[]' id='answer-id-1474407' class='answer   answerof-378832 ' value='1474407'   \/><label for='answer-id-1474407' id='answer-label-1474407' class=' answer'><span>How many credit card records are stored?<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378832[]' id='answer-id-1474408' class='answer   answerof-378832 ' value='1474408'   \/><label for='answer-id-1474408' id='answer-label-1474408' class=' answer'><span>How many servers do you have?<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378832[]' id='answer-id-1474409' class='answer   answerof-378832 ' value='1474409'   \/><label for='answer-id-1474409' id='answer-label-1474409' class=' answer'><span>What is the scope of the certification?<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378832[]' id='answer-id-1474410' class='answer   answerof-378832 ' value='1474410'   \/><label for='answer-id-1474410' id='answer-label-1474410' class=' answer'><span>What is the value of the assets at risk?<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-34' style=';'><div id='questionWrap-34'  class='   watupro-question-id-378833'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>34. <\/span>What is a difference from the list below between quantitative and qualitative Risk Assessment?<\/div><input type='hidden' name='question_id[]' id='qID_34' value='378833' \/><input type='hidden' id='answerType378833' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378833[]' id='answer-id-1474411' class='answer   answerof-378833 ' value='1474411'   \/><label for='answer-id-1474411' id='answer-label-1474411' class=' answer'><span>Quantitative risk assessments result in an exact number (in monetary terms)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378833[]' id='answer-id-1474412' class='answer   answerof-378833 ' value='1474412'   \/><label for='answer-id-1474412' id='answer-label-1474412' class=' answer'><span>Qualitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378833[]' id='answer-id-1474413' class='answer   answerof-378833 ' value='1474413'   \/><label for='answer-id-1474413' id='answer-label-1474413' class=' answer'><span>Qualitative risk assessments map to business objectives<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378833[]' id='answer-id-1474414' class='answer   answerof-378833 ' value='1474414'   \/><label for='answer-id-1474414' id='answer-label-1474414' class=' answer'><span>Quantitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-35' style=';'><div id='questionWrap-35'  class='   watupro-question-id-378834'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>35. <\/span>What is the definition of Risk in Information Security?<\/div><input type='hidden' name='question_id[]' id='qID_35' value='378834' \/><input type='hidden' id='answerType378834' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378834[]' id='answer-id-1474415' class='answer   answerof-378834 ' value='1474415'   \/><label for='answer-id-1474415' id='answer-label-1474415' class=' answer'><span>Risk = Probability x Impact<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378834[]' id='answer-id-1474416' class='answer   answerof-378834 ' value='1474416'   \/><label for='answer-id-1474416' id='answer-label-1474416' class=' answer'><span>Risk = Threat x Probability<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378834[]' id='answer-id-1474417' class='answer   answerof-378834 ' value='1474417'   \/><label for='answer-id-1474417' id='answer-label-1474417' class=' answer'><span>Risk = Financial Impact x Probability<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378834[]' id='answer-id-1474418' class='answer   answerof-378834 ' value='1474418'   \/><label for='answer-id-1474418' id='answer-label-1474418' class=' answer'><span>Risk = Impact x Threat<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-36' style=';'><div id='questionWrap-36'  class='   watupro-question-id-378835'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>36. <\/span>Quantitative Risk Assessments have the following advantages over qualitative risk assessments:<\/div><input type='hidden' name='question_id[]' id='qID_36' value='378835' \/><input type='hidden' id='answerType378835' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378835[]' id='answer-id-1474419' class='answer   answerof-378835 ' value='1474419'   \/><label for='answer-id-1474419' id='answer-label-1474419' class=' answer'><span>They are objective and can express risk \/ cost in real numbers<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378835[]' id='answer-id-1474420' class='answer   answerof-378835 ' value='1474420'   \/><label for='answer-id-1474420' id='answer-label-1474420' class=' answer'><span>They are subjective and can be completed more quickly<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378835[]' id='answer-id-1474421' class='answer   answerof-378835 ' value='1474421'   \/><label for='answer-id-1474421' id='answer-label-1474421' class=' answer'><span>They are objective and express risk \/ cost in approximates<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378835[]' id='answer-id-1474422' class='answer   answerof-378835 ' value='1474422'   \/><label for='answer-id-1474422' id='answer-label-1474422' class=' answer'><span>They are subjective and can express risk \/cost in real numbers<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-37' style=';'><div id='questionWrap-37'  class='   watupro-question-id-378836'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>37. <\/span>Which of the following is MOST important when dealing with an Information Security Steering committee:<\/div><input type='hidden' name='question_id[]' id='qID_37' value='378836' \/><input type='hidden' id='answerType378836' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378836[]' id='answer-id-1474423' class='answer   answerof-378836 ' value='1474423'   \/><label for='answer-id-1474423' id='answer-label-1474423' class=' answer'><span>Include a mix of members from different departments and staff levels.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378836[]' id='answer-id-1474424' class='answer   answerof-378836 ' value='1474424'   \/><label for='answer-id-1474424' id='answer-label-1474424' class=' answer'><span>Ensure that security policies and procedures have been vetted and approved.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378836[]' id='answer-id-1474425' class='answer   answerof-378836 ' value='1474425'   \/><label for='answer-id-1474425' id='answer-label-1474425' class=' answer'><span>Review all past audit and compliance reports.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378836[]' id='answer-id-1474426' class='answer   answerof-378836 ' value='1474426'   \/><label for='answer-id-1474426' id='answer-label-1474426' class=' answer'><span>Be briefed about new trends and products at each meeting by a vendor.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-38' style=';'><div id='questionWrap-38'  class='   watupro-question-id-378837'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>38. <\/span>A business unit within your organization intends to deploy a new technology in a manner that places it in violation of existing information security standards. <br \/>\r<br>What immediate action should the information security manager take?<\/div><input type='hidden' name='question_id[]' id='qID_38' value='378837' \/><input type='hidden' id='answerType378837' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378837[]' id='answer-id-1474427' class='answer   answerof-378837 ' value='1474427'   \/><label for='answer-id-1474427' id='answer-label-1474427' class=' answer'><span>Enforce the existing security standards and do not allow the deployment of the new technology.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378837[]' id='answer-id-1474428' class='answer   answerof-378837 ' value='1474428'   \/><label for='answer-id-1474428' id='answer-label-1474428' class=' answer'><span>Amend the standard to permit the deployment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378837[]' id='answer-id-1474429' class='answer   answerof-378837 ' value='1474429'   \/><label for='answer-id-1474429' id='answer-label-1474429' class=' answer'><span>If the risks associated with that technology are not already identified, perform a risk analysis to quantify the risk, and allow the business unit to proceed based on the identified risk level.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378837[]' id='answer-id-1474430' class='answer   answerof-378837 ' value='1474430'   \/><label for='answer-id-1474430' id='answer-label-1474430' class=' answer'><span>Permit a 90-day window to see if an issue occurs and then amend the standard if there are no issues.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-39' style=';'><div id='questionWrap-39'  class='   watupro-question-id-378838'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>39. <\/span>The PRIMARY objective of security awareness is to:<\/div><input type='hidden' name='question_id[]' id='qID_39' value='378838' \/><input type='hidden' id='answerType378838' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378838[]' id='answer-id-1474431' class='answer   answerof-378838 ' value='1474431'   \/><label for='answer-id-1474431' id='answer-label-1474431' class=' answer'><span>Ensure that security policies are read.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378838[]' id='answer-id-1474432' class='answer   answerof-378838 ' value='1474432'   \/><label for='answer-id-1474432' id='answer-label-1474432' class=' answer'><span>Encourage security-conscious employee behavior.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378838[]' id='answer-id-1474433' class='answer   answerof-378838 ' value='1474433'   \/><label for='answer-id-1474433' id='answer-label-1474433' class=' answer'><span>Meet legal and regulatory requirements.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378838[]' id='answer-id-1474434' class='answer   answerof-378838 ' value='1474434'   \/><label for='answer-id-1474434' id='answer-label-1474434' class=' answer'><span>Put employees on notice in case follow-up action for noncompliance is necessary<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-40' style=';'><div id='questionWrap-40'  class='   watupro-question-id-378839'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>40. <\/span>Which of the following is MOST likely to be discretionary?<\/div><input type='hidden' name='question_id[]' id='qID_40' value='378839' \/><input type='hidden' id='answerType378839' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378839[]' id='answer-id-1474435' class='answer   answerof-378839 ' value='1474435'   \/><label for='answer-id-1474435' id='answer-label-1474435' class=' answer'><span>Policies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378839[]' id='answer-id-1474436' class='answer   answerof-378839 ' value='1474436'   \/><label for='answer-id-1474436' id='answer-label-1474436' class=' answer'><span>Procedures<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378839[]' id='answer-id-1474437' class='answer   answerof-378839 ' value='1474437'   \/><label for='answer-id-1474437' id='answer-label-1474437' class=' answer'><span>Guidelines<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378839[]' id='answer-id-1474438' class='answer   answerof-378839 ' value='1474438'   \/><label for='answer-id-1474438' id='answer-label-1474438' class=' answer'><span>Standards<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-41' style=';'><div id='questionWrap-41'  class='   watupro-question-id-378840'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>41. <\/span>Why is it vitally important that senior management endorse a security policy?<\/div><input type='hidden' name='question_id[]' id='qID_41' value='378840' \/><input type='hidden' id='answerType378840' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378840[]' id='answer-id-1474439' class='answer   answerof-378840 ' value='1474439'   \/><label for='answer-id-1474439' id='answer-label-1474439' class=' answer'><span>So that they will accept ownership for security within the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378840[]' id='answer-id-1474440' class='answer   answerof-378840 ' value='1474440'   \/><label for='answer-id-1474440' id='answer-label-1474440' class=' answer'><span>So that employees will follow the policy directives.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378840[]' id='answer-id-1474441' class='answer   answerof-378840 ' value='1474441'   \/><label for='answer-id-1474441' id='answer-label-1474441' class=' answer'><span>So that external bodies will recognize the organizations commitment to security.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378840[]' id='answer-id-1474442' class='answer   answerof-378840 ' value='1474442'   \/><label for='answer-id-1474442' id='answer-label-1474442' class=' answer'><span>So that they can be held legally accountable.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-42' style=';'><div id='questionWrap-42'  class='   watupro-question-id-378841'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>42. <\/span>When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?<\/div><input type='hidden' name='question_id[]' id='qID_42' value='378841' \/><input type='hidden' id='answerType378841' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378841[]' id='answer-id-1474443' class='answer   answerof-378841 ' value='1474443'   \/><label for='answer-id-1474443' id='answer-label-1474443' class=' answer'><span>When there is a need to develop a more unified incident response capability.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378841[]' id='answer-id-1474444' class='answer   answerof-378841 ' value='1474444'   \/><label for='answer-id-1474444' id='answer-label-1474444' class=' answer'><span>When the enterprise is made up of many business units with diverse business activities, risks profiles and regulatory requirements.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378841[]' id='answer-id-1474445' class='answer   answerof-378841 ' value='1474445'   \/><label for='answer-id-1474445' id='answer-label-1474445' class=' answer'><span>When there is a variety of technologies deployed in the infrastructure.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378841[]' id='answer-id-1474446' class='answer   answerof-378841 ' value='1474446'   \/><label for='answer-id-1474446' id='answer-label-1474446' class=' answer'><span>When it results in an overall lower cost of operating the security program.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-43' style=';'><div id='questionWrap-43'  class='   watupro-question-id-378842'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>43. <\/span>What is the relationship between information protection and regulatory compliance?<\/div><input type='hidden' name='question_id[]' id='qID_43' value='378842' \/><input type='hidden' id='answerType378842' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378842[]' id='answer-id-1474447' class='answer   answerof-378842 ' value='1474447'   \/><label for='answer-id-1474447' id='answer-label-1474447' class=' answer'><span>That all information in an organization must be protected equally.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378842[]' id='answer-id-1474448' class='answer   answerof-378842 ' value='1474448'   \/><label for='answer-id-1474448' id='answer-label-1474448' class=' answer'><span>The information required to be protected by regulatory mandate does not have to be identified in the organizations data classification policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378842[]' id='answer-id-1474449' class='answer   answerof-378842 ' value='1474449'   \/><label for='answer-id-1474449' id='answer-label-1474449' class=' answer'><span>That the protection of some information such as National ID information is mandated by regulation and other information such as trade secrets are protected based on business need.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378842[]' id='answer-id-1474450' class='answer   answerof-378842 ' value='1474450'   \/><label for='answer-id-1474450' id='answer-label-1474450' class=' answer'><span>There is no relationship between the two.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-44' style=';'><div id='questionWrap-44'  class='   watupro-question-id-378843'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>44. <\/span>Regulatory requirements typically force organizations to implement<\/div><input type='hidden' name='question_id[]' id='qID_44' value='378843' \/><input type='hidden' id='answerType378843' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378843[]' id='answer-id-1474451' class='answer   answerof-378843 ' value='1474451'   \/><label for='answer-id-1474451' id='answer-label-1474451' class=' answer'><span>Mandatory controls<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378843[]' id='answer-id-1474452' class='answer   answerof-378843 ' value='1474452'   \/><label for='answer-id-1474452' id='answer-label-1474452' class=' answer'><span>Discretionary controls<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378843[]' id='answer-id-1474453' class='answer   answerof-378843 ' value='1474453'   \/><label for='answer-id-1474453' id='answer-label-1474453' class=' answer'><span>Optional controls<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378843[]' id='answer-id-1474454' class='answer   answerof-378843 ' value='1474454'   \/><label for='answer-id-1474454' id='answer-label-1474454' class=' answer'><span>Financial controls<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-45' style=';'><div id='questionWrap-45'  class='   watupro-question-id-378844'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>45. <\/span>When managing the security architecture for your company you must consider:<\/div><input type='hidden' name='question_id[]' id='qID_45' value='378844' \/><input type='hidden' id='answerType378844' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378844[]' id='answer-id-1474455' class='answer   answerof-378844 ' value='1474455'   \/><label for='answer-id-1474455' id='answer-label-1474455' class=' answer'><span>Security and IT Staff size<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378844[]' id='answer-id-1474456' class='answer   answerof-378844 ' value='1474456'   \/><label for='answer-id-1474456' id='answer-label-1474456' class=' answer'><span>Company Values<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378844[]' id='answer-id-1474457' class='answer   answerof-378844 ' value='1474457'   \/><label for='answer-id-1474457' id='answer-label-1474457' class=' answer'><span>Budget<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378844[]' id='answer-id-1474458' class='answer   answerof-378844 ' value='1474458'   \/><label for='answer-id-1474458' id='answer-label-1474458' class=' answer'><span>All of the above<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-46' style=';'><div id='questionWrap-46'  class='   watupro-question-id-378845'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>46. <\/span>If your organization operates under a model of &quot;assumption of breach&quot;, you should:<\/div><input type='hidden' name='question_id[]' id='qID_46' value='378845' \/><input type='hidden' id='answerType378845' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378845[]' id='answer-id-1474459' class='answer   answerof-378845 ' value='1474459'   \/><label for='answer-id-1474459' id='answer-label-1474459' class=' answer'><span>Protect all information resource assets equally<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378845[]' id='answer-id-1474460' class='answer   answerof-378845 ' value='1474460'   \/><label for='answer-id-1474460' id='answer-label-1474460' class=' answer'><span>Establish active firewall monitoring protocols<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378845[]' id='answer-id-1474461' class='answer   answerof-378845 ' value='1474461'   \/><label for='answer-id-1474461' id='answer-label-1474461' class=' answer'><span>Purchase insurance for your compliance liability<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378845[]' id='answer-id-1474462' class='answer   answerof-378845 ' value='1474462'   \/><label for='answer-id-1474462' id='answer-label-1474462' class=' answer'><span>Focus your security efforts on high value assets<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-47' style=';'><div id='questionWrap-47'  class='   watupro-question-id-378846'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>47. <\/span>A method to transfer risk is to:<\/div><input type='hidden' name='question_id[]' id='qID_47' value='378846' \/><input type='hidden' id='answerType378846' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378846[]' id='answer-id-1474463' class='answer   answerof-378846 ' value='1474463'   \/><label for='answer-id-1474463' id='answer-label-1474463' class=' answer'><span>Implement redundancy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378846[]' id='answer-id-1474464' class='answer   answerof-378846 ' value='1474464'   \/><label for='answer-id-1474464' id='answer-label-1474464' class=' answer'><span>move operations to another region<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378846[]' id='answer-id-1474465' class='answer   answerof-378846 ' value='1474465'   \/><label for='answer-id-1474465' id='answer-label-1474465' class=' answer'><span>purchase breach insurance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378846[]' id='answer-id-1474466' class='answer   answerof-378846 ' value='1474466'   \/><label for='answer-id-1474466' id='answer-label-1474466' class=' answer'><span>Alignment with business operations<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-48' style=';'><div id='questionWrap-48'  class='   watupro-question-id-378847'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>48. <\/span>You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the<\/div><input type='hidden' name='question_id[]' id='qID_48' value='378847' \/><input type='hidden' id='answerType378847' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378847[]' id='answer-id-1474467' class='answer   answerof-378847 ' value='1474467'   \/><label for='answer-id-1474467' id='answer-label-1474467' class=' answer'><span>Controlled mitigation effort<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378847[]' id='answer-id-1474468' class='answer   answerof-378847 ' value='1474468'   \/><label for='answer-id-1474468' id='answer-label-1474468' class=' answer'><span>Risk impact comparison<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378847[]' id='answer-id-1474469' class='answer   answerof-378847 ' value='1474469'   \/><label for='answer-id-1474469' id='answer-label-1474469' class=' answer'><span>Relative likelihood of event<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378847[]' id='answer-id-1474470' class='answer   answerof-378847 ' value='1474470'   \/><label for='answer-id-1474470' id='answer-label-1474470' class=' answer'><span>Comparative threat analysis<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-49' style=';'><div id='questionWrap-49'  class='   watupro-question-id-378848'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>49. <\/span>Ensuring that the actions of a set of people, applications and systems follow the organization\u2019s rules is BEST described as:<\/div><input type='hidden' name='question_id[]' id='qID_49' value='378848' \/><input type='hidden' id='answerType378848' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378848[]' id='answer-id-1474471' class='answer   answerof-378848 ' value='1474471'   \/><label for='answer-id-1474471' id='answer-label-1474471' class=' answer'><span>Risk management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378848[]' id='answer-id-1474472' class='answer   answerof-378848 ' value='1474472'   \/><label for='answer-id-1474472' id='answer-label-1474472' class=' answer'><span>Security management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378848[]' id='answer-id-1474473' class='answer   answerof-378848 ' value='1474473'   \/><label for='answer-id-1474473' id='answer-label-1474473' class=' answer'><span>Mitigation management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378848[]' id='answer-id-1474474' class='answer   answerof-378848 ' value='1474474'   \/><label for='answer-id-1474474' id='answer-label-1474474' class=' answer'><span>Compliance management<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-50' style=';'><div id='questionWrap-50'  class='   watupro-question-id-378849'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>50. <\/span>A security manager regularly checks work areas after business hours for security violations; such as unsecured files or unattended computers with active sessions. <br \/>\r<br>This activity BEST demonstrates what part of a security program?<\/div><input type='hidden' name='question_id[]' id='qID_50' value='378849' \/><input type='hidden' id='answerType378849' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378849[]' id='answer-id-1474475' class='answer   answerof-378849 ' value='1474475'   \/><label for='answer-id-1474475' id='answer-label-1474475' class=' answer'><span>Audit validation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378849[]' id='answer-id-1474476' class='answer   answerof-378849 ' value='1474476'   \/><label for='answer-id-1474476' id='answer-label-1474476' class=' answer'><span>Physical control testing<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378849[]' id='answer-id-1474477' class='answer   answerof-378849 ' value='1474477'   \/><label for='answer-id-1474477' id='answer-label-1474477' class=' answer'><span>Compliance management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378849[]' id='answer-id-1474478' class='answer   answerof-378849 ' value='1474478'   \/><label for='answer-id-1474478' id='answer-label-1474478' class=' answer'><span>Security awareness training<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-51' style=';'><div id='questionWrap-51'  class='   watupro-question-id-378850'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>51. <\/span>A Security Operations Centre (SOC) manager is informed that a database containing highly sensitive corporate strategy information is under attack. Information has been stolen and the database server was disconnected. <br \/>\r<br>Who must be informed of this incident?<\/div><input type='hidden' name='question_id[]' id='qID_51' value='378850' \/><input type='hidden' id='answerType378850' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378850[]' id='answer-id-1474479' class='answer   answerof-378850 ' value='1474479'   \/><label for='answer-id-1474479' id='answer-label-1474479' class=' answer'><span>Internal audit<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378850[]' id='answer-id-1474480' class='answer   answerof-378850 ' value='1474480'   \/><label for='answer-id-1474480' id='answer-label-1474480' class=' answer'><span>The data owner<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378850[]' id='answer-id-1474481' class='answer   answerof-378850 ' value='1474481'   \/><label for='answer-id-1474481' id='answer-label-1474481' class=' answer'><span>All executive staff<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378850[]' id='answer-id-1474482' class='answer   answerof-378850 ' value='1474482'   \/><label for='answer-id-1474482' id='answer-label-1474482' class=' answer'><span>Government regulators<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-52' style=';'><div id='questionWrap-52'  class='   watupro-question-id-378851'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>52. <\/span>A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program. <br \/>\r<br>Which of the following qualifications and experience would be MOST desirable to find in a candidate?<\/div><input type='hidden' name='question_id[]' id='qID_52' value='378851' \/><input type='hidden' id='answerType378851' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378851[]' id='answer-id-1474483' class='answer   answerof-378851 ' value='1474483'   \/><label for='answer-id-1474483' id='answer-label-1474483' class=' answer'><span>Multiple certifications, strong technical capabilities and lengthy resume<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378851[]' id='answer-id-1474484' class='answer   answerof-378851 ' value='1474484'   \/><label for='answer-id-1474484' id='answer-label-1474484' class=' answer'><span>Industry certifications, technical knowledge and program management skills<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378851[]' id='answer-id-1474485' class='answer   answerof-378851 ' value='1474485'   \/><label for='answer-id-1474485' id='answer-label-1474485' class=' answer'><span>College degree, audit capabilities and complex project management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378851[]' id='answer-id-1474486' class='answer   answerof-378851 ' value='1474486'   \/><label for='answer-id-1474486' id='answer-label-1474486' class=' answer'><span>Multiple references, strong background check and industry certifications<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-53' style=';'><div id='questionWrap-53'  class='   watupro-question-id-378852'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>53. <\/span>An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. <br \/>\r<br>What kind of law would require notifying the owner or licensee of this incident?<\/div><input type='hidden' name='question_id[]' id='qID_53' value='378852' \/><input type='hidden' id='answerType378852' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378852[]' id='answer-id-1474487' class='answer   answerof-378852 ' value='1474487'   \/><label for='answer-id-1474487' id='answer-label-1474487' class=' answer'><span>Data breach disclosure<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378852[]' id='answer-id-1474488' class='answer   answerof-378852 ' value='1474488'   \/><label for='answer-id-1474488' id='answer-label-1474488' class=' answer'><span>Consumer right disclosure<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378852[]' id='answer-id-1474489' class='answer   answerof-378852 ' value='1474489'   \/><label for='answer-id-1474489' id='answer-label-1474489' class=' answer'><span>Security incident disclosure<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378852[]' id='answer-id-1474490' class='answer   answerof-378852 ' value='1474490'   \/><label for='answer-id-1474490' id='answer-label-1474490' class=' answer'><span>Special circumstance disclosure<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-54' style=';'><div id='questionWrap-54'  class='   watupro-question-id-378853'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>54. <\/span>An organization\u2019s firewall technology needs replaced. A specific technology has been selected that is less costly than others and lacking in some important capabilities. The security officer has voiced <br \/>\r<br>concerns about sensitive data breaches but the decision is made to purchase. <br \/>\r<br>What does this selection indicate?<\/div><input type='hidden' name='question_id[]' id='qID_54' value='378853' \/><input type='hidden' id='answerType378853' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378853[]' id='answer-id-1474491' class='answer   answerof-378853 ' value='1474491'   \/><label for='answer-id-1474491' id='answer-label-1474491' class=' answer'><span>A high threat environment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378853[]' id='answer-id-1474492' class='answer   answerof-378853 ' value='1474492'   \/><label for='answer-id-1474492' id='answer-label-1474492' class=' answer'><span>A low risk tolerance environment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378853[]' id='answer-id-1474493' class='answer   answerof-378853 ' value='1474493'   \/><label for='answer-id-1474493' id='answer-label-1474493' class=' answer'><span>I low vulnerability environment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378853[]' id='answer-id-1474494' class='answer   answerof-378853 ' value='1474494'   \/><label for='answer-id-1474494' id='answer-label-1474494' class=' answer'><span>A high risk tolerance environment<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-55' style=';'><div id='questionWrap-55'  class='   watupro-question-id-378854'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>55. <\/span>An organization has defined a set of standard security controls. This organization has also defined the circumstances and conditions in which they must be applied. <br \/>\r<br>What is the NEXT logical step in applying the controls in the organization?<\/div><input type='hidden' name='question_id[]' id='qID_55' value='378854' \/><input type='hidden' id='answerType378854' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378854[]' id='answer-id-1474495' class='answer   answerof-378854 ' value='1474495'   \/><label for='answer-id-1474495' id='answer-label-1474495' class=' answer'><span>Determine the risk tolerance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378854[]' id='answer-id-1474496' class='answer   answerof-378854 ' value='1474496'   \/><label for='answer-id-1474496' id='answer-label-1474496' class=' answer'><span>Perform an asset classification<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378854[]' id='answer-id-1474497' class='answer   answerof-378854 ' value='1474497'   \/><label for='answer-id-1474497' id='answer-label-1474497' class=' answer'><span>Create an architecture gap analysis<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378854[]' id='answer-id-1474498' class='answer   answerof-378854 ' value='1474498'   \/><label for='answer-id-1474498' id='answer-label-1474498' class=' answer'><span>Analyze existing controls on systems<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-56' style=';'><div id='questionWrap-56'  class='   watupro-question-id-378855'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>56. <\/span>A security manager has created a risk program. <br \/>\r<br>Which of the following is a critical part of ensuring the program is successful?<\/div><input type='hidden' name='question_id[]' id='qID_56' value='378855' \/><input type='hidden' id='answerType378855' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378855[]' id='answer-id-1474499' class='answer   answerof-378855 ' value='1474499'   \/><label for='answer-id-1474499' id='answer-label-1474499' class=' answer'><span>Providing a risk program governance structure<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378855[]' id='answer-id-1474500' class='answer   answerof-378855 ' value='1474500'   \/><label for='answer-id-1474500' id='answer-label-1474500' class=' answer'><span>Ensuring developers include risk control comments in code<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378855[]' id='answer-id-1474501' class='answer   answerof-378855 ' value='1474501'   \/><label for='answer-id-1474501' id='answer-label-1474501' class=' answer'><span>Creating risk assessment templates based on specific threats<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378855[]' id='answer-id-1474502' class='answer   answerof-378855 ' value='1474502'   \/><label for='answer-id-1474502' id='answer-label-1474502' class=' answer'><span>Allowing for the acceptance of risk for regulatory compliance requirements<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-57' style=';'><div id='questionWrap-57'  class='   watupro-question-id-378856'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>57. <\/span>Which of the following international standards can be BEST used to define a Risk Management process in an organization?<\/div><input type='hidden' name='question_id[]' id='qID_57' value='378856' \/><input type='hidden' id='answerType378856' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378856[]' id='answer-id-1474503' class='answer   answerof-378856 ' value='1474503'   \/><label for='answer-id-1474503' id='answer-label-1474503' class=' answer'><span>National Institute for Standards and Technology 800-50 (NIST 800-50)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378856[]' id='answer-id-1474504' class='answer   answerof-378856 ' value='1474504'   \/><label for='answer-id-1474504' id='answer-label-1474504' class=' answer'><span>International Organization for Standardizations C 27005 (ISO-27005)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378856[]' id='answer-id-1474505' class='answer   answerof-378856 ' value='1474505'   \/><label for='answer-id-1474505' id='answer-label-1474505' class=' answer'><span>Payment Card Industry Data Security Standards (PCI-DSS)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378856[]' id='answer-id-1474506' class='answer   answerof-378856 ' value='1474506'   \/><label for='answer-id-1474506' id='answer-label-1474506' class=' answer'><span>International Organization for Standardizations C 27004 (ISO-27004)<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-58' style=';'><div id='questionWrap-58'  class='   watupro-question-id-378857'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>58. <\/span>An organization is looking for a framework to measure the efficiency and effectiveness of their Information Security Management System. <br \/>\r<br>Which of the following international standards can BEST assist this organization?<\/div><input type='hidden' name='question_id[]' id='qID_58' value='378857' \/><input type='hidden' id='answerType378857' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378857[]' id='answer-id-1474507' class='answer   answerof-378857 ' value='1474507'   \/><label for='answer-id-1474507' id='answer-label-1474507' class=' answer'><span>International Organization for Standardizations C 27004 (ISO-27004)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378857[]' id='answer-id-1474508' class='answer   answerof-378857 ' value='1474508'   \/><label for='answer-id-1474508' id='answer-label-1474508' class=' answer'><span>Payment Card Industry Data Security Standards (PCI-DSS)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378857[]' id='answer-id-1474509' class='answer   answerof-378857 ' value='1474509'   \/><label for='answer-id-1474509' id='answer-label-1474509' class=' answer'><span>Control Objectives for Information Technology (COBIT)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378857[]' id='answer-id-1474510' class='answer   answerof-378857 ' value='1474510'   \/><label for='answer-id-1474510' id='answer-label-1474510' class=' answer'><span>International Organization for Standardizations C 27005 (ISO-27005)<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-59' style=';'><div id='questionWrap-59'  class='   watupro-question-id-378858'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>59. <\/span>A global retail company is creating a new compliance management process. <br \/>\r<br>Which of the following regulations is of MOST importance to be tracked and managed by this process?<\/div><input type='hidden' name='question_id[]' id='qID_59' value='378858' \/><input type='hidden' id='answerType378858' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378858[]' id='answer-id-1474511' class='answer   answerof-378858 ' value='1474511'   \/><label for='answer-id-1474511' id='answer-label-1474511' class=' answer'><span>Information Technology Infrastructure Library (ITIL)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378858[]' id='answer-id-1474512' class='answer   answerof-378858 ' value='1474512'   \/><label for='answer-id-1474512' id='answer-label-1474512' class=' answer'><span>International Organization for Standardization (ISO) standards<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378858[]' id='answer-id-1474513' class='answer   answerof-378858 ' value='1474513'   \/><label for='answer-id-1474513' id='answer-label-1474513' class=' answer'><span>Payment Card Industry Data Security Standards (PCI-DSS)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378858[]' id='answer-id-1474514' class='answer   answerof-378858 ' value='1474514'   \/><label for='answer-id-1474514' id='answer-label-1474514' class=' answer'><span>National Institute for Standards and Technology (NIST) standard<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-60' style=';'><div id='questionWrap-60'  class='   watupro-question-id-378859'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>60. <\/span>A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. <br \/>\r<br>Which of the following standards and guidelines can BEST address this organization\u2019s need?<\/div><input type='hidden' name='question_id[]' id='qID_60' value='378859' \/><input type='hidden' id='answerType378859' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378859[]' id='answer-id-1474515' class='answer   answerof-378859 ' value='1474515'   \/><label for='answer-id-1474515' id='answer-label-1474515' class=' answer'><span>International Organization for Standardizations C 22301 (ISO-22301)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378859[]' id='answer-id-1474516' class='answer   answerof-378859 ' value='1474516'   \/><label for='answer-id-1474516' id='answer-label-1474516' class=' answer'><span>Information Technology Infrastructure Library (ITIL)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378859[]' id='answer-id-1474517' class='answer   answerof-378859 ' value='1474517'   \/><label for='answer-id-1474517' id='answer-label-1474517' class=' answer'><span>Payment Card Industry Data Security Standards (PCI-DSS)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378859[]' id='answer-id-1474518' class='answer   answerof-378859 ' value='1474518'   \/><label for='answer-id-1474518' id='answer-label-1474518' class=' answer'><span>International Organization for Standardizations C 27005 (ISO-27005)<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-61' style=';'><div id='questionWrap-61'  class='   watupro-question-id-378860'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>61. <\/span>A global health insurance company is concerned about protecting confidential information. <br \/>\r<br>Which of the following is of MOST concern to this organization?<\/div><input type='hidden' name='question_id[]' id='qID_61' value='378860' \/><input type='hidden' id='answerType378860' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378860[]' id='answer-id-1474519' class='answer   answerof-378860 ' value='1474519'   \/><label for='answer-id-1474519' id='answer-label-1474519' class=' answer'><span>Compliance to the Payment Card Industry (PCI) regulations.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378860[]' id='answer-id-1474520' class='answer   answerof-378860 ' value='1474520'   \/><label for='answer-id-1474520' id='answer-label-1474520' class=' answer'><span>Alignment with financial reporting regulations for each country where they operate.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378860[]' id='answer-id-1474521' class='answer   answerof-378860 ' value='1474521'   \/><label for='answer-id-1474521' id='answer-label-1474521' class=' answer'><span>Alignment with International Organization for Standardization (ISO) standards.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378860[]' id='answer-id-1474522' class='answer   answerof-378860 ' value='1474522'   \/><label for='answer-id-1474522' id='answer-label-1474522' class=' answer'><span>Compliance with patient data protection regulations for each country where they operate.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-62' style=';'><div id='questionWrap-62'  class='   watupro-question-id-378861'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>62. <\/span>In which of the following cases, would an organization be more prone to risk acceptance vs. risk mitigation?<\/div><input type='hidden' name='question_id[]' id='qID_62' value='378861' \/><input type='hidden' id='answerType378861' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378861[]' id='answer-id-1474523' class='answer   answerof-378861 ' value='1474523'   \/><label for='answer-id-1474523' id='answer-label-1474523' class=' answer'><span>The organization uses exclusively a quantitative process to measure risk<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378861[]' id='answer-id-1474524' class='answer   answerof-378861 ' value='1474524'   \/><label for='answer-id-1474524' id='answer-label-1474524' class=' answer'><span>The organization uses exclusively a qualitative process to measure risk<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378861[]' id='answer-id-1474525' class='answer   answerof-378861 ' value='1474525'   \/><label for='answer-id-1474525' id='answer-label-1474525' class=' answer'><span>The organization\u2019s risk tolerance is high<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378861[]' id='answer-id-1474526' class='answer   answerof-378861 ' value='1474526'   \/><label for='answer-id-1474526' id='answer-label-1474526' class=' answer'><span>The organization\u2019s risk tolerance is lo<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-63' style=';'><div id='questionWrap-63'  class='   watupro-question-id-378862'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>63. <\/span>The exposure factor of a threat to your organization is defined by?<\/div><input type='hidden' name='question_id[]' id='qID_63' value='378862' \/><input type='hidden' id='answerType378862' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378862[]' id='answer-id-1474527' class='answer   answerof-378862 ' value='1474527'   \/><label for='answer-id-1474527' id='answer-label-1474527' class=' answer'><span>Asset value times exposure factor<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378862[]' id='answer-id-1474528' class='answer   answerof-378862 ' value='1474528'   \/><label for='answer-id-1474528' id='answer-label-1474528' class=' answer'><span>Annual rate of occurrence<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378862[]' id='answer-id-1474529' class='answer   answerof-378862 ' value='1474529'   \/><label for='answer-id-1474529' id='answer-label-1474529' class=' answer'><span>Annual loss expectancy minus current cost of controls<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378862[]' id='answer-id-1474530' class='answer   answerof-378862 ' value='1474530'   \/><label for='answer-id-1474530' id='answer-label-1474530' class=' answer'><span>Percentage of loss experienced due to a realized threat event<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-64' style=';'><div id='questionWrap-64'  class='   watupro-question-id-378863'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>64. <\/span>Risk is defined as:<\/div><input type='hidden' name='question_id[]' id='qID_64' value='378863' \/><input type='hidden' id='answerType378863' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378863[]' id='answer-id-1474531' class='answer   answerof-378863 ' value='1474531'   \/><label for='answer-id-1474531' id='answer-label-1474531' class=' answer'><span>Threat times vulnerability divided by control<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378863[]' id='answer-id-1474532' class='answer   answerof-378863 ' value='1474532'   \/><label for='answer-id-1474532' id='answer-label-1474532' class=' answer'><span>Advisory plus capability plus vulnerability<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378863[]' id='answer-id-1474533' class='answer   answerof-378863 ' value='1474533'   \/><label for='answer-id-1474533' id='answer-label-1474533' class=' answer'><span>Asset loss times likelihood of event<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378863[]' id='answer-id-1474534' class='answer   answerof-378863 ' value='1474534'   \/><label for='answer-id-1474534' id='answer-label-1474534' class=' answer'><span>Quantitative plus qualitative impact<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-65' style=';'><div id='questionWrap-65'  class='   watupro-question-id-378864'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>65. <\/span>What two methods are used to assess risk impact?<\/div><input type='hidden' name='question_id[]' id='qID_65' value='378864' \/><input type='hidden' id='answerType378864' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378864[]' id='answer-id-1474535' class='answer   answerof-378864 ' value='1474535'   \/><label for='answer-id-1474535' id='answer-label-1474535' class=' answer'><span>Cost and annual rate of expectance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378864[]' id='answer-id-1474536' class='answer   answerof-378864 ' value='1474536'   \/><label for='answer-id-1474536' id='answer-label-1474536' class=' answer'><span>Subjective and Objective<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378864[]' id='answer-id-1474537' class='answer   answerof-378864 ' value='1474537'   \/><label for='answer-id-1474537' id='answer-label-1474537' class=' answer'><span>Qualitative and percent of loss realized<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378864[]' id='answer-id-1474538' class='answer   answerof-378864 ' value='1474538'   \/><label for='answer-id-1474538' id='answer-label-1474538' class=' answer'><span>Quantitative and qualitative<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-66' style=';'><div id='questionWrap-66'  class='   watupro-question-id-378865'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>66. <\/span>According to ISO 27001, of the steps for establishing an Information Security Governance program listed below, which comes first?<\/div><input type='hidden' name='question_id[]' id='qID_66' value='378865' \/><input type='hidden' id='answerType378865' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378865[]' id='answer-id-1474539' class='answer   answerof-378865 ' value='1474539'   \/><label for='answer-id-1474539' id='answer-label-1474539' class=' answer'><span>Identify threats, risks, impacts and vulnerabilities<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378865[]' id='answer-id-1474540' class='answer   answerof-378865 ' value='1474540'   \/><label for='answer-id-1474540' id='answer-label-1474540' class=' answer'><span>Decide how to manage risk<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378865[]' id='answer-id-1474541' class='answer   answerof-378865 ' value='1474541'   \/><label for='answer-id-1474541' id='answer-label-1474541' class=' answer'><span>Define the budget of the Information Security Management System<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378865[]' id='answer-id-1474542' class='answer   answerof-378865 ' value='1474542'   \/><label for='answer-id-1474542' id='answer-label-1474542' class=' answer'><span>Define Information Security Policy<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-67' style=';'><div id='questionWrap-67'  class='   watupro-question-id-378866'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>67. <\/span>You have recently drafted a revised information security policy. <br \/>\r<br>From whom should you seek endorsement in order to have the GREATEST chance for adoption and implementation throughout the entire organization?<\/div><input type='hidden' name='question_id[]' id='qID_67' value='378866' \/><input type='hidden' id='answerType378866' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378866[]' id='answer-id-1474543' class='answer   answerof-378866 ' value='1474543'   \/><label for='answer-id-1474543' id='answer-label-1474543' class=' answer'><span>Chief Information Security Officer<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378866[]' id='answer-id-1474544' class='answer   answerof-378866 ' value='1474544'   \/><label for='answer-id-1474544' id='answer-label-1474544' class=' answer'><span>Chief Executive Officer<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378866[]' id='answer-id-1474545' class='answer   answerof-378866 ' value='1474545'   \/><label for='answer-id-1474545' id='answer-label-1474545' class=' answer'><span>Chief Information Officer<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378866[]' id='answer-id-1474546' class='answer   answerof-378866 ' value='1474546'   \/><label for='answer-id-1474546' id='answer-label-1474546' class=' answer'><span>Chief Legal Counsel<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-68' style=';'><div id='questionWrap-68'  class='   watupro-question-id-378867'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>68. <\/span>The success of the Chief Information Security Officer is MOST dependent upon:<\/div><input type='hidden' name='question_id[]' id='qID_68' value='378867' \/><input type='hidden' id='answerType378867' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378867[]' id='answer-id-1474547' class='answer   answerof-378867 ' value='1474547'   \/><label for='answer-id-1474547' id='answer-label-1474547' class=' answer'><span>favorable audit findings<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378867[]' id='answer-id-1474548' class='answer   answerof-378867 ' value='1474548'   \/><label for='answer-id-1474548' id='answer-label-1474548' class=' answer'><span>following the recommendations of consultants and contractors<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378867[]' id='answer-id-1474549' class='answer   answerof-378867 ' value='1474549'   \/><label for='answer-id-1474549' id='answer-label-1474549' class=' answer'><span>development of relationships with organization executives<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378867[]' id='answer-id-1474550' class='answer   answerof-378867 ' value='1474550'   \/><label for='answer-id-1474550' id='answer-label-1474550' class=' answer'><span>raising awareness of security issues with end users<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-69' style=';'><div id='questionWrap-69'  class='   watupro-question-id-378868'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>69. <\/span>An organization information security policy serves to<\/div><input type='hidden' name='question_id[]' id='qID_69' value='378868' \/><input type='hidden' id='answerType378868' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378868[]' id='answer-id-1474551' class='answer   answerof-378868 ' value='1474551'   \/><label for='answer-id-1474551' id='answer-label-1474551' class=' answer'><span>establish budgetary input in order to meet compliance requirements<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378868[]' id='answer-id-1474552' class='answer   answerof-378868 ' value='1474552'   \/><label for='answer-id-1474552' id='answer-label-1474552' class=' answer'><span>establish acceptable systems and user behavior<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378868[]' id='answer-id-1474553' class='answer   answerof-378868 ' value='1474553'   \/><label for='answer-id-1474553' id='answer-label-1474553' class=' answer'><span>define security configurations for systems<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378868[]' id='answer-id-1474554' class='answer   answerof-378868 ' value='1474554'   \/><label for='answer-id-1474554' id='answer-label-1474554' class=' answer'><span>define relationships with external law enforcement agencies<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-70' style=';'><div id='questionWrap-70'  class='   watupro-question-id-378869'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>70. <\/span>Information security policies should be reviewed:<\/div><input type='hidden' name='question_id[]' id='qID_70' value='378869' \/><input type='hidden' id='answerType378869' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378869[]' id='answer-id-1474555' class='answer   answerof-378869 ' value='1474555'   \/><label for='answer-id-1474555' id='answer-label-1474555' class=' answer'><span>by stakeholders at least annually<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378869[]' id='answer-id-1474556' class='answer   answerof-378869 ' value='1474556'   \/><label for='answer-id-1474556' id='answer-label-1474556' class=' answer'><span>by the CISO when new systems are brought online<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378869[]' id='answer-id-1474557' class='answer   answerof-378869 ' value='1474557'   \/><label for='answer-id-1474557' id='answer-label-1474557' class=' answer'><span>by the Incident Response team after an audit<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378869[]' id='answer-id-1474558' class='answer   answerof-378869 ' value='1474558'   \/><label for='answer-id-1474558' id='answer-label-1474558' class=' answer'><span>by internal audit semiannually<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-71' style=';'><div id='questionWrap-71'  class='   watupro-question-id-378870'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>71. <\/span>Who is responsible for securing networks during a security incident?<\/div><input type='hidden' name='question_id[]' id='qID_71' value='378870' \/><input type='hidden' id='answerType378870' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378870[]' id='answer-id-1474559' class='answer   answerof-378870 ' value='1474559'   \/><label for='answer-id-1474559' id='answer-label-1474559' class=' answer'><span>Chief Information Security Officer (CISO)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378870[]' id='answer-id-1474560' class='answer   answerof-378870 ' value='1474560'   \/><label for='answer-id-1474560' id='answer-label-1474560' class=' answer'><span>Security Operations Center (SO<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378870[]' id='answer-id-1474561' class='answer   answerof-378870 ' value='1474561'   \/><label for='answer-id-1474561' id='answer-label-1474561' class=' answer'><span>Disaster Recovery (DR) manager<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378870[]' id='answer-id-1474562' class='answer   answerof-378870 ' value='1474562'   \/><label for='answer-id-1474562' id='answer-label-1474562' class=' answer'><span>Incident Response Team (IRT)<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-72' style=';'><div id='questionWrap-72'  class='   watupro-question-id-378871'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>72. <\/span>Which of the following is a critical operational component of an Incident Response Program (IRP)?<\/div><input type='hidden' name='question_id[]' id='qID_72' value='378871' \/><input type='hidden' id='answerType378871' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378871[]' id='answer-id-1474563' class='answer   answerof-378871 ' value='1474563'   \/><label for='answer-id-1474563' id='answer-label-1474563' class=' answer'><span>Weekly program budget reviews to ensure the percentage of program funding remains constant.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378871[]' id='answer-id-1474564' class='answer   answerof-378871 ' value='1474564'   \/><label for='answer-id-1474564' id='answer-label-1474564' class=' answer'><span>Annual review of program charters, policies, procedures and organizational agreements.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378871[]' id='answer-id-1474565' class='answer   answerof-378871 ' value='1474565'   \/><label for='answer-id-1474565' id='answer-label-1474565' class=' answer'><span>Daily monitoring of vulnerability advisories relating to your organization\u2019s deployed technologies.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378871[]' id='answer-id-1474566' class='answer   answerof-378871 ' value='1474566'   \/><label for='answer-id-1474566' id='answer-label-1474566' class=' answer'><span>Monthly program tests to ensure resource allocation is sufficient for supporting the needs of the organization<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-73' style=';'><div id='questionWrap-73'  class='   watupro-question-id-378872'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>73. <\/span>What is the first thing that needs to be completed in order to create a security program for your organization?<\/div><input type='hidden' name='question_id[]' id='qID_73' value='378872' \/><input type='hidden' id='answerType378872' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378872[]' id='answer-id-1474567' class='answer   answerof-378872 ' value='1474567'   \/><label for='answer-id-1474567' id='answer-label-1474567' class=' answer'><span>Risk assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378872[]' id='answer-id-1474568' class='answer   answerof-378872 ' value='1474568'   \/><label for='answer-id-1474568' id='answer-label-1474568' class=' answer'><span>Security program budget<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378872[]' id='answer-id-1474569' class='answer   answerof-378872 ' value='1474569'   \/><label for='answer-id-1474569' id='answer-label-1474569' class=' answer'><span>Business continuity plan<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378872[]' id='answer-id-1474570' class='answer   answerof-378872 ' value='1474570'   \/><label for='answer-id-1474570' id='answer-label-1474570' class=' answer'><span>Compliance and regulatory analysis<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-74' style=';'><div id='questionWrap-74'  class='   watupro-question-id-378873'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>74. <\/span>What is the main purpose of the Incident Response Team?<\/div><input type='hidden' name='question_id[]' id='qID_74' value='378873' \/><input type='hidden' id='answerType378873' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378873[]' id='answer-id-1474571' class='answer   answerof-378873 ' value='1474571'   \/><label for='answer-id-1474571' id='answer-label-1474571' class=' answer'><span>Ensure efficient recovery and reinstate repaired systems<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378873[]' id='answer-id-1474572' class='answer   answerof-378873 ' value='1474572'   \/><label for='answer-id-1474572' id='answer-label-1474572' class=' answer'><span>Create effective policies detailing program activities<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378873[]' id='answer-id-1474573' class='answer   answerof-378873 ' value='1474573'   \/><label for='answer-id-1474573' id='answer-label-1474573' class=' answer'><span>Communicate details of information security incidents<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378873[]' id='answer-id-1474574' class='answer   answerof-378873 ' value='1474574'   \/><label for='answer-id-1474574' id='answer-label-1474574' class=' answer'><span>Provide current employee awareness programs<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-75' style=';'><div id='questionWrap-75'  class='   watupro-question-id-378874'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>75. <\/span>Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?<\/div><input type='hidden' name='question_id[]' id='qID_75' value='378874' \/><input type='hidden' id='answerType378874' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378874[]' id='answer-id-1474575' class='answer   answerof-378874 ' value='1474575'   \/><label for='answer-id-1474575' id='answer-label-1474575' class=' answer'><span>Threat<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378874[]' id='answer-id-1474576' class='answer   answerof-378874 ' value='1474576'   \/><label for='answer-id-1474576' id='answer-label-1474576' class=' answer'><span>Vulnerability<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378874[]' id='answer-id-1474577' class='answer   answerof-378874 ' value='1474577'   \/><label for='answer-id-1474577' id='answer-label-1474577' class=' answer'><span>Attack vector<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378874[]' id='answer-id-1474578' class='answer   answerof-378874 ' value='1474578'   \/><label for='answer-id-1474578' id='answer-label-1474578' class=' answer'><span>Exploitation<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-76' style=';'><div id='questionWrap-76'  class='   watupro-question-id-378875'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>76. <\/span>Within an organization\u2019s vulnerability management program, who has the responsibility to implement remediation actions?<\/div><input type='hidden' name='question_id[]' id='qID_76' value='378875' \/><input type='hidden' id='answerType378875' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378875[]' id='answer-id-1474579' class='answer   answerof-378875 ' value='1474579'   \/><label for='answer-id-1474579' id='answer-label-1474579' class=' answer'><span>Security officer<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378875[]' id='answer-id-1474580' class='answer   answerof-378875 ' value='1474580'   \/><label for='answer-id-1474580' id='answer-label-1474580' class=' answer'><span>Data owner<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378875[]' id='answer-id-1474581' class='answer   answerof-378875 ' value='1474581'   \/><label for='answer-id-1474581' id='answer-label-1474581' class=' answer'><span>Vulnerability engineer<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378875[]' id='answer-id-1474582' class='answer   answerof-378875 ' value='1474582'   \/><label for='answer-id-1474582' id='answer-label-1474582' class=' answer'><span>System administrator<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-77' style=';'><div id='questionWrap-77'  class='   watupro-question-id-378876'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>77. <\/span>The Information Security Management program MUST protect:<\/div><input type='hidden' name='question_id[]' id='qID_77' value='378876' \/><input type='hidden' id='answerType378876' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378876[]' id='answer-id-1474583' class='answer   answerof-378876 ' value='1474583'   \/><label for='answer-id-1474583' id='answer-label-1474583' class=' answer'><span>all organizational assets<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378876[]' id='answer-id-1474584' class='answer   answerof-378876 ' value='1474584'   \/><label for='answer-id-1474584' id='answer-label-1474584' class=' answer'><span>critical business processes and \/or revenue streams<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378876[]' id='answer-id-1474585' class='answer   answerof-378876 ' value='1474585'   \/><label for='answer-id-1474585' id='answer-label-1474585' class=' answer'><span>intellectual property released into the public domain<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378876[]' id='answer-id-1474586' class='answer   answerof-378876 ' value='1474586'   \/><label for='answer-id-1474586' id='answer-label-1474586' class=' answer'><span>against distributed denial of service attacks<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-78' style=';'><div id='questionWrap-78'  class='   watupro-question-id-378877'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>78. <\/span>What is the MAIN reason for conflicts between Information Technology and Information Security programs?<\/div><input type='hidden' name='question_id[]' id='qID_78' value='378877' \/><input type='hidden' id='answerType378877' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378877[]' id='answer-id-1474587' class='answer   answerof-378877 ' value='1474587'   \/><label for='answer-id-1474587' id='answer-label-1474587' class=' answer'><span>Technology governance defines technology policies and standards while security governance does not.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378877[]' id='answer-id-1474588' class='answer   answerof-378877 ' value='1474588'   \/><label for='answer-id-1474588' id='answer-label-1474588' class=' answer'><span>Security governance defines technology best practices and Information Technology governance does not.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378877[]' id='answer-id-1474589' class='answer   answerof-378877 ' value='1474589'   \/><label for='answer-id-1474589' id='answer-label-1474589' class=' answer'><span>Technology Governance is focused on process risks whereas Security Governance is focused on business risk.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378877[]' id='answer-id-1474590' class='answer   answerof-378877 ' value='1474590'   \/><label for='answer-id-1474590' id='answer-label-1474590' class=' answer'><span>The effective implementation of security controls can be viewed as an inhibitor to rapid Information Technology implementations.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-79' style=';'><div id='questionWrap-79'  class='   watupro-question-id-378878'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>79. <\/span>The Information Security Governance program MUST:<\/div><input type='hidden' name='question_id[]' id='qID_79' value='378878' \/><input type='hidden' id='answerType378878' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378878[]' id='answer-id-1474591' class='answer   answerof-378878 ' value='1474591'   \/><label for='answer-id-1474591' id='answer-label-1474591' class=' answer'><span>integrate with other organizational governance processes<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378878[]' id='answer-id-1474592' class='answer   answerof-378878 ' value='1474592'   \/><label for='answer-id-1474592' id='answer-label-1474592' class=' answer'><span>support user choice for Bring Your Own Device (BYOD)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378878[]' id='answer-id-1474593' class='answer   answerof-378878 ' value='1474593'   \/><label for='answer-id-1474593' id='answer-label-1474593' class=' answer'><span>integrate with other organizational governance processes<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378878[]' id='answer-id-1474594' class='answer   answerof-378878 ' value='1474594'   \/><label for='answer-id-1474594' id='answer-label-1474594' class=' answer'><span>show a return on investment for the organization<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-80' style=';'><div id='questionWrap-80'  class='   watupro-question-id-378879'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>80. <\/span>A security officer wants to implement a vulnerability scanning program. The officer is uncertain of the state of vulnerability resiliency within the organization\u2019s large IT infrastructure. <br \/>\r<br>What would be the BEST approach to minimize scan data output while retaining a realistic view of system vulnerability?<\/div><input type='hidden' name='question_id[]' id='qID_80' value='378879' \/><input type='hidden' id='answerType378879' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378879[]' id='answer-id-1474595' class='answer   answerof-378879 ' value='1474595'   \/><label for='answer-id-1474595' id='answer-label-1474595' class=' answer'><span>Scan a representative sample of systems<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378879[]' id='answer-id-1474596' class='answer   answerof-378879 ' value='1474596'   \/><label for='answer-id-1474596' id='answer-label-1474596' class=' answer'><span>Perform the scans only during off-business hours<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378879[]' id='answer-id-1474597' class='answer   answerof-378879 ' value='1474597'   \/><label for='answer-id-1474597' id='answer-label-1474597' class=' answer'><span>Decrease the vulnerabilities within the scan tool settings<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378879[]' id='answer-id-1474598' class='answer   answerof-378879 ' value='1474598'   \/><label for='answer-id-1474598' id='answer-label-1474598' class=' answer'><span>Filter the scan output so only pertinent data is analyzed<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-81' style=';'><div id='questionWrap-81'  class='   watupro-question-id-378880'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>81. <\/span>When creating a vulnerability scan schedule, who is the MOST critical person to communicate with in order to ensure impact of the scan is minimized?<\/div><input type='hidden' name='question_id[]' id='qID_81' value='378880' \/><input type='hidden' id='answerType378880' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378880[]' id='answer-id-1474599' class='answer   answerof-378880 ' value='1474599'   \/><label for='answer-id-1474599' id='answer-label-1474599' class=' answer'><span>The asset owner<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378880[]' id='answer-id-1474600' class='answer   answerof-378880 ' value='1474600'   \/><label for='answer-id-1474600' id='answer-label-1474600' class=' answer'><span>The asset manager<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378880[]' id='answer-id-1474601' class='answer   answerof-378880 ' value='1474601'   \/><label for='answer-id-1474601' id='answer-label-1474601' class=' answer'><span>The data custodian<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378880[]' id='answer-id-1474602' class='answer   answerof-378880 ' value='1474602'   \/><label for='answer-id-1474602' id='answer-label-1474602' class=' answer'><span>The project manager<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-82' style=';'><div id='questionWrap-82'  class='   watupro-question-id-378881'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>82. <\/span>Which of the following functions MUST your Information Security Governance program include for formal organizational reporting?<\/div><input type='hidden' name='question_id[]' id='qID_82' value='378881' \/><input type='hidden' id='answerType378881' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378881[]' id='answer-id-1474603' class='answer   answerof-378881 ' value='1474603'   \/><label for='answer-id-1474603' id='answer-label-1474603' class=' answer'><span>Audit and Legal<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378881[]' id='answer-id-1474604' class='answer   answerof-378881 ' value='1474604'   \/><label for='answer-id-1474604' id='answer-label-1474604' class=' answer'><span>Budget and Compliance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378881[]' id='answer-id-1474605' class='answer   answerof-378881 ' value='1474605'   \/><label for='answer-id-1474605' id='answer-label-1474605' class=' answer'><span>Human Resources and Budget<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378881[]' id='answer-id-1474606' class='answer   answerof-378881 ' value='1474606'   \/><label for='answer-id-1474606' id='answer-label-1474606' class=' answer'><span>Legal and Human Resources<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-83' style=';'><div id='questionWrap-83'  class='   watupro-question-id-378882'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>83. <\/span>Risk appetite directly affects what part of a vulnerability management program?<\/div><input type='hidden' name='question_id[]' id='qID_83' value='378882' \/><input type='hidden' id='answerType378882' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378882[]' id='answer-id-1474607' class='answer   answerof-378882 ' value='1474607'   \/><label for='answer-id-1474607' id='answer-label-1474607' class=' answer'><span>Staff<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378882[]' id='answer-id-1474608' class='answer   answerof-378882 ' value='1474608'   \/><label for='answer-id-1474608' id='answer-label-1474608' class=' answer'><span>Scope<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378882[]' id='answer-id-1474609' class='answer   answerof-378882 ' value='1474609'   \/><label for='answer-id-1474609' id='answer-label-1474609' class=' answer'><span>Schedule<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378882[]' id='answer-id-1474610' class='answer   answerof-378882 ' value='1474610'   \/><label for='answer-id-1474610' id='answer-label-1474610' class=' answer'><span>Scan tools<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-84' style=';'><div id='questionWrap-84'  class='   watupro-question-id-378883'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>84. <\/span>When choosing a risk mitigation method what is the MOST important factor?<\/div><input type='hidden' name='question_id[]' id='qID_84' value='378883' \/><input type='hidden' id='answerType378883' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378883[]' id='answer-id-1474611' class='answer   answerof-378883 ' value='1474611'   \/><label for='answer-id-1474611' id='answer-label-1474611' class=' answer'><span>Approval from the board of directors<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378883[]' id='answer-id-1474612' class='answer   answerof-378883 ' value='1474612'   \/><label for='answer-id-1474612' id='answer-label-1474612' class=' answer'><span>Cost of the mitigation is less than the risk<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378883[]' id='answer-id-1474613' class='answer   answerof-378883 ' value='1474613'   \/><label for='answer-id-1474613' id='answer-label-1474613' class=' answer'><span>Metrics of mitigation method success<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378883[]' id='answer-id-1474614' class='answer   answerof-378883 ' value='1474614'   \/><label for='answer-id-1474614' id='answer-label-1474614' class=' answer'><span>Mitigation method complies with PCI regulations<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-85' style=';'><div id='questionWrap-85'  class='   watupro-question-id-378884'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>85. <\/span>Payment Card Industry (PCI) compliance requirements are based on what criteria?<\/div><input type='hidden' name='question_id[]' id='qID_85' value='378884' \/><input type='hidden' id='answerType378884' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378884[]' id='answer-id-1474615' class='answer   answerof-378884 ' value='1474615'   \/><label for='answer-id-1474615' id='answer-label-1474615' class=' answer'><span>The types of cardholder data retained<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378884[]' id='answer-id-1474616' class='answer   answerof-378884 ' value='1474616'   \/><label for='answer-id-1474616' id='answer-label-1474616' class=' answer'><span>The duration card holder data is retained<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378884[]' id='answer-id-1474617' class='answer   answerof-378884 ' value='1474617'   \/><label for='answer-id-1474617' id='answer-label-1474617' class=' answer'><span>The size of the organization processing credit card data<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378884[]' id='answer-id-1474618' class='answer   answerof-378884 ' value='1474618'   \/><label for='answer-id-1474618' id='answer-label-1474618' class=' answer'><span>The number of transactions performed per year by an organization<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-86' style=';'><div id='questionWrap-86'  class='   watupro-question-id-378885'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>86. <\/span>Which of the following provides an audit framework?<\/div><input type='hidden' name='question_id[]' id='qID_86' value='378885' \/><input type='hidden' id='answerType378885' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378885[]' id='answer-id-1474619' class='answer   answerof-378885 ' value='1474619'   \/><label for='answer-id-1474619' id='answer-label-1474619' class=' answer'><span>Control Objectives for IT (COBIT)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378885[]' id='answer-id-1474620' class='answer   answerof-378885 ' value='1474620'   \/><label for='answer-id-1474620' id='answer-label-1474620' class=' answer'><span>Payment Card Industry-Data Security Standard (PCI-DSS)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378885[]' id='answer-id-1474621' class='answer   answerof-378885 ' value='1474621'   \/><label for='answer-id-1474621' id='answer-label-1474621' class=' answer'><span>International Organization Standard (ISO) 27002<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378885[]' id='answer-id-1474622' class='answer   answerof-378885 ' value='1474622'   \/><label for='answer-id-1474622' id='answer-label-1474622' class=' answer'><span>National Institute of Standards and Technology (NIST) SP 800-30<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-87' style=';'><div id='questionWrap-87'  class='   watupro-question-id-378886'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>87. <\/span>Which of the following is used to establish and maintain a framework to provide assurance that information security strategies are aligned with organizational objectives?<\/div><input type='hidden' name='question_id[]' id='qID_87' value='378886' \/><input type='hidden' id='answerType378886' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378886[]' id='answer-id-1474623' class='answer   answerof-378886 ' value='1474623'   \/><label for='answer-id-1474623' id='answer-label-1474623' class=' answer'><span>Awareness<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378886[]' id='answer-id-1474624' class='answer   answerof-378886 ' value='1474624'   \/><label for='answer-id-1474624' id='answer-label-1474624' class=' answer'><span>Compliance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378886[]' id='answer-id-1474625' class='answer   answerof-378886 ' value='1474625'   \/><label for='answer-id-1474625' id='answer-label-1474625' class=' answer'><span>Governance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378886[]' id='answer-id-1474626' class='answer   answerof-378886 ' value='1474626'   \/><label for='answer-id-1474626' id='answer-label-1474626' class=' answer'><span>Management<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-88' style=';'><div id='questionWrap-88'  class='   watupro-question-id-378887'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>88. <\/span>Which of the following represents the HIGHEST negative impact resulting from an ineffective security governance program?<\/div><input type='hidden' name='question_id[]' id='qID_88' value='378887' \/><input type='hidden' id='answerType378887' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378887[]' id='answer-id-1474627' class='answer   answerof-378887 ' value='1474627'   \/><label for='answer-id-1474627' id='answer-label-1474627' class=' answer'><span>Reduction of budget<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378887[]' id='answer-id-1474628' class='answer   answerof-378887 ' value='1474628'   \/><label for='answer-id-1474628' id='answer-label-1474628' class=' answer'><span>Decreased security awareness<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378887[]' id='answer-id-1474629' class='answer   answerof-378887 ' value='1474629'   \/><label for='answer-id-1474629' id='answer-label-1474629' class=' answer'><span>Improper use of information resources<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378887[]' id='answer-id-1474630' class='answer   answerof-378887 ' value='1474630'   \/><label for='answer-id-1474630' id='answer-label-1474630' class=' answer'><span>Fines for regulatory non-compliance<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-89' style=';'><div id='questionWrap-89'  class='   watupro-question-id-378888'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>89. <\/span>The purpose of NIST SP 800-53 as part of the NIST System Certification and Accreditation Project is to establish a set of standardized, minimum security controls for IT systems addressing low, moderate, and high levels of concern for<\/div><input type='hidden' name='question_id[]' id='qID_89' value='378888' \/><input type='hidden' id='answerType378888' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378888[]' id='answer-id-1474631' class='answer   answerof-378888 ' value='1474631'   \/><label for='answer-id-1474631' id='answer-label-1474631' class=' answer'><span>Confidentiality, Integrity and Availability<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378888[]' id='answer-id-1474632' class='answer   answerof-378888 ' value='1474632'   \/><label for='answer-id-1474632' id='answer-label-1474632' class=' answer'><span>Assurance, Compliance and Availability<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378888[]' id='answer-id-1474633' class='answer   answerof-378888 ' value='1474633'   \/><label for='answer-id-1474633' id='answer-label-1474633' class=' answer'><span>International Compliance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378888[]' id='answer-id-1474634' class='answer   answerof-378888 ' value='1474634'   \/><label for='answer-id-1474634' id='answer-label-1474634' class=' answer'><span>Integrity and Availability<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-90' style=';'><div id='questionWrap-90'  class='   watupro-question-id-378889'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>90. <\/span>When deploying an Intrusion Prevention System (IPS) the BEST way to get maximum protection from the system is to deploy it<\/div><input type='hidden' name='question_id[]' id='qID_90' value='378889' \/><input type='hidden' id='answerType378889' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378889[]' id='answer-id-1474635' class='answer   answerof-378889 ' value='1474635'   \/><label for='answer-id-1474635' id='answer-label-1474635' class=' answer'><span>In promiscuous mode and only detect malicious traffic.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378889[]' id='answer-id-1474636' class='answer   answerof-378889 ' value='1474636'   \/><label for='answer-id-1474636' id='answer-label-1474636' class=' answer'><span>In-line and turn on blocking mode to stop malicious traffic.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378889[]' id='answer-id-1474637' class='answer   answerof-378889 ' value='1474637'   \/><label for='answer-id-1474637' id='answer-label-1474637' class=' answer'><span>In promiscuous mode and block malicious traffic.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378889[]' id='answer-id-1474638' class='answer   answerof-378889 ' value='1474638'   \/><label for='answer-id-1474638' id='answer-label-1474638' class=' answer'><span>In-line and turn on alert mode to stop malicious traffic.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-91' style=';'><div id='questionWrap-91'  class='   watupro-question-id-378890'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>91. <\/span>What is the BEST way to achieve on-going compliance monitoring in an organization?<\/div><input type='hidden' name='question_id[]' id='qID_91' value='378890' \/><input type='hidden' id='answerType378890' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378890[]' id='answer-id-1474639' class='answer   answerof-378890 ' value='1474639'   \/><label for='answer-id-1474639' id='answer-label-1474639' class=' answer'><span>Only check compliance right before the auditors are scheduled to arrive onsite.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378890[]' id='answer-id-1474640' class='answer   answerof-378890 ' value='1474640'   \/><label for='answer-id-1474640' id='answer-label-1474640' class=' answer'><span>Outsource compliance to a 3rd party vendor and let them manage the program.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378890[]' id='answer-id-1474641' class='answer   answerof-378890 ' value='1474641'   \/><label for='answer-id-1474641' id='answer-label-1474641' class=' answer'><span>Have Compliance and Information Security partner to correct issues as they arise.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378890[]' id='answer-id-1474642' class='answer   answerof-378890 ' value='1474642'   \/><label for='answer-id-1474642' id='answer-label-1474642' class=' answer'><span>Have Compliance direct Information Security to fix issues after the auditors report.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-92' style=';'><div id='questionWrap-92'  class='   watupro-question-id-378891'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>92. <\/span>Which of the following is the MOST important for a CISO to understand when identifying threats?<\/div><input type='hidden' name='question_id[]' id='qID_92' value='378891' \/><input type='hidden' id='answerType378891' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378891[]' id='answer-id-1474643' class='answer   answerof-378891 ' value='1474643'   \/><label for='answer-id-1474643' id='answer-label-1474643' class=' answer'><span>How vulnerabilities can potentially be exploited in systems that impact the organization<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378891[]' id='answer-id-1474644' class='answer   answerof-378891 ' value='1474644'   \/><label for='answer-id-1474644' id='answer-label-1474644' class=' answer'><span>How the security operations team will behave to reported incidents<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378891[]' id='answer-id-1474645' class='answer   answerof-378891 ' value='1474645'   \/><label for='answer-id-1474645' id='answer-label-1474645' class=' answer'><span>How the firewall and other security devices are configured to prevent attacks<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378891[]' id='answer-id-1474646' class='answer   answerof-378891 ' value='1474646'   \/><label for='answer-id-1474646' id='answer-label-1474646' class=' answer'><span>How the incident management team prepares to handle an attack<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-93' style=';'><div id='questionWrap-93'  class='   watupro-question-id-378892'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>93. <\/span>Which of the following are the MOST important factors for proactively determining system vulnerabilities?<\/div><input type='hidden' name='question_id[]' id='qID_93' value='378892' \/><input type='hidden' id='answerType378892' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378892[]' id='answer-id-1474647' class='answer   answerof-378892 ' value='1474647'   \/><label for='answer-id-1474647' id='answer-label-1474647' class=' answer'><span>Subscribe to vendor mailing list to get notification of system vulnerabilities<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378892[]' id='answer-id-1474648' class='answer   answerof-378892 ' value='1474648'   \/><label for='answer-id-1474648' id='answer-label-1474648' class=' answer'><span>Deploy Intrusion Detection System (IDS) and install anti-virus on systems<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378892[]' id='answer-id-1474649' class='answer   answerof-378892 ' value='1474649'   \/><label for='answer-id-1474649' id='answer-label-1474649' class=' answer'><span>Configure firewall, perimeter router and Intrusion Prevention System (IPS)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378892[]' id='answer-id-1474650' class='answer   answerof-378892 ' value='1474650'   \/><label for='answer-id-1474650' id='answer-label-1474650' class=' answer'><span>Conduct security testing, vulnerability scanning, and penetration testing<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-94' style=';'><div id='questionWrap-94'  class='   watupro-question-id-378893'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>94. <\/span>What role should the CISO play in properly scoping a PCI environment?<\/div><input type='hidden' name='question_id[]' id='qID_94' value='378893' \/><input type='hidden' id='answerType378893' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378893[]' id='answer-id-1474651' class='answer   answerof-378893 ' value='1474651'   \/><label for='answer-id-1474651' id='answer-label-1474651' class=' answer'><span>Validate the business units\u2019 suggestions as to what should be included in the scoping process<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378893[]' id='answer-id-1474652' class='answer   answerof-378893 ' value='1474652'   \/><label for='answer-id-1474652' id='answer-label-1474652' class=' answer'><span>Work with a Qualified Security Assessor (QSA) to determine the scope of the PCI environment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378893[]' id='answer-id-1474653' class='answer   answerof-378893 ' value='1474653'   \/><label for='answer-id-1474653' id='answer-label-1474653' class=' answer'><span>Ensure internal scope validation is completed and that an assessment has been done to discover all credit card data<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378893[]' id='answer-id-1474654' class='answer   answerof-378893 ' value='1474654'   \/><label for='answer-id-1474654' id='answer-label-1474654' class=' answer'><span>Complete the self-assessment questionnaire and work with an Approved Scanning Vendor (ASV) to determine scope<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-95' style=';'><div id='questionWrap-95'  class='   watupro-question-id-378894'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>95. <\/span>What should an organization do to ensure that they have a sound Business Continuity (BC) Plan?<\/div><input type='hidden' name='question_id[]' id='qID_95' value='378894' \/><input type='hidden' id='answerType378894' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378894[]' id='answer-id-1474655' class='answer   answerof-378894 ' value='1474655'   \/><label for='answer-id-1474655' id='answer-label-1474655' class=' answer'><span>Test every three years to ensure that things work as planned<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378894[]' id='answer-id-1474656' class='answer   answerof-378894 ' value='1474656'   \/><label for='answer-id-1474656' id='answer-label-1474656' class=' answer'><span>Conduct periodic tabletop exercises to refine the BC plan<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378894[]' id='answer-id-1474657' class='answer   answerof-378894 ' value='1474657'   \/><label for='answer-id-1474657' id='answer-label-1474657' class=' answer'><span>Outsource the creation and execution of the BC plan to a third party vendor<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378894[]' id='answer-id-1474658' class='answer   answerof-378894 ' value='1474658'   \/><label for='answer-id-1474658' id='answer-label-1474658' class=' answer'><span>Conduct a Disaster Recovery (DR) exercise every year to test the plan<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-96' style=';'><div id='questionWrap-96'  class='   watupro-question-id-378895'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>96. <\/span>What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?<\/div><input type='hidden' name='question_id[]' id='qID_96' value='378895' \/><input type='hidden' id='answerType378895' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378895[]' id='answer-id-1474659' class='answer   answerof-378895 ' value='1474659'   \/><label for='answer-id-1474659' id='answer-label-1474659' class=' answer'><span>Determine appetite<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378895[]' id='answer-id-1474660' class='answer   answerof-378895 ' value='1474660'   \/><label for='answer-id-1474660' id='answer-label-1474660' class=' answer'><span>Evaluate risk avoidance criteria<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378895[]' id='answer-id-1474661' class='answer   answerof-378895 ' value='1474661'   \/><label for='answer-id-1474661' id='answer-label-1474661' class=' answer'><span>Perform a risk assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378895[]' id='answer-id-1474662' class='answer   answerof-378895 ' value='1474662'   \/><label for='answer-id-1474662' id='answer-label-1474662' class=' answer'><span>Mitigate risk<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-97' style=';'><div id='questionWrap-97'  class='   watupro-question-id-378896'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>97. <\/span>According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?<\/div><input type='hidden' name='question_id[]' id='qID_97' value='378896' \/><input type='hidden' id='answerType378896' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378896[]' id='answer-id-1474663' class='answer   answerof-378896 ' value='1474663'   \/><label for='answer-id-1474663' id='answer-label-1474663' class=' answer'><span>Susceptibility to attack, mitigation response time, and cost<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378896[]' id='answer-id-1474664' class='answer   answerof-378896 ' value='1474664'   \/><label for='answer-id-1474664' id='answer-label-1474664' class=' answer'><span>Attack vectors, controls cost, and investigation staffing needs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378896[]' id='answer-id-1474665' class='answer   answerof-378896 ' value='1474665'   \/><label for='answer-id-1474665' id='answer-label-1474665' class=' answer'><span>Vulnerability exploitation, attack recovery, and mean time to repair<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378896[]' id='answer-id-1474666' class='answer   answerof-378896 ' value='1474666'   \/><label for='answer-id-1474666' id='answer-label-1474666' class=' answer'><span>Susceptibility to attack, expected duration of attack, and mitigation availability<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-98' style=';'><div id='questionWrap-98'  class='   watupro-question-id-378897'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>98. <\/span>Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?<\/div><input type='hidden' name='question_id[]' id='qID_98' value='378897' \/><input type='hidden' id='answerType378897' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378897[]' id='answer-id-1474667' class='answer   answerof-378897 ' value='1474667'   \/><label for='answer-id-1474667' id='answer-label-1474667' class=' answer'><span>Single loss expectancy multiplied by the annual rate of occurrence<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378897[]' id='answer-id-1474668' class='answer   answerof-378897 ' value='1474668'   \/><label for='answer-id-1474668' id='answer-label-1474668' class=' answer'><span>Total loss expectancy multiplied by the total loss frequency<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378897[]' id='answer-id-1474669' class='answer   answerof-378897 ' value='1474669'   \/><label for='answer-id-1474669' id='answer-label-1474669' class=' answer'><span>Value of the asset multiplied by the loss expectancy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378897[]' id='answer-id-1474670' class='answer   answerof-378897 ' value='1474670'   \/><label for='answer-id-1474670' id='answer-label-1474670' class=' answer'><span>Replacement cost multiplied by the single loss expectancy<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-99' style=';'><div id='questionWrap-99'  class='   watupro-question-id-378898'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>99. <\/span>When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?<\/div><input type='hidden' name='question_id[]' id='qID_99' value='378898' \/><input type='hidden' id='answerType378898' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378898[]' id='answer-id-1474671' class='answer   answerof-378898 ' value='1474671'   \/><label for='answer-id-1474671' id='answer-label-1474671' class=' answer'><span>ISO 27001<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378898[]' id='answer-id-1474672' class='answer   answerof-378898 ' value='1474672'   \/><label for='answer-id-1474672' id='answer-label-1474672' class=' answer'><span>PRINCE2<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378898[]' id='answer-id-1474673' class='answer   answerof-378898 ' value='1474673'   \/><label for='answer-id-1474673' id='answer-label-1474673' class=' answer'><span>ISO 27004<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378898[]' id='answer-id-1474674' class='answer   answerof-378898 ' value='1474674'   \/><label for='answer-id-1474674' id='answer-label-1474674' class=' answer'><span>ITILv3<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-100' style=';'><div id='questionWrap-100'  class='   watupro-question-id-378899'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>100. <\/span>The regular review of a firewall ruleset is considered a<\/div><input type='hidden' name='question_id[]' id='qID_100' value='378899' \/><input type='hidden' id='answerType378899' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378899[]' id='answer-id-1474675' class='answer   answerof-378899 ' value='1474675'   \/><label for='answer-id-1474675' id='answer-label-1474675' class=' answer'><span>Procedural control<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378899[]' id='answer-id-1474676' class='answer   answerof-378899 ' value='1474676'   \/><label for='answer-id-1474676' id='answer-label-1474676' class=' answer'><span>Organization control<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378899[]' id='answer-id-1474677' class='answer   answerof-378899 ' value='1474677'   \/><label for='answer-id-1474677' id='answer-label-1474677' class=' answer'><span>Technical control<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-378899[]' id='answer-id-1474678' class='answer   answerof-378899 ' value='1474678'   \/><label for='answer-id-1474678' id='answer-label-1474678' class=' answer'><span>Management control<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div style='display:none' id='question-101'>\n\t<div class='question-content'>\n\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\" alt=\"Loading...\" title=\"Loading...\" \/>&nbsp;Loading...\t<\/div>\n<\/div>\n\n<br \/>\n\t\n\t\t\t<div class=\"watupro_buttons flex \" id=\"watuPROButtons9466\" >\n\t\t  <div id=\"prev-question\" style=\"display:none;\"><input type=\"button\" value=\"&lt; Previous\" onclick=\"WatuPRO.nextQuestion(event, 'previous');\"\/><\/div>\t\t  \t\t  \t\t   \n\t\t   \t  \t\t<div><input type=\"button\" name=\"action\" class=\"watupro-submit-button\" onclick=\"WatuPRO.submitResult(event)\" id=\"action-button\" value=\"View Results\"  \/>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\n\t<input type=\"hidden\" name=\"quiz_id\" value=\"9466\" id=\"watuPROExamID\"\/>\n\t<input type=\"hidden\" name=\"start_time\" id=\"startTime\" value=\"2026-05-05 15:56:45\" \/>\n\t<input type=\"hidden\" name=\"start_timestamp\" id=\"startTimeStamp\" value=\"1777996605\" \/>\n\t<input type=\"hidden\" name=\"question_ids\" value=\"\" \/>\n\t<input type=\"hidden\" name=\"watupro_questions\" value=\"378800:1474279,1474280,1474281,1474282 | 378801:1474283,1474284,1474285,1474286 | 378802:1474287,1474288,1474289,1474290 | 378803:1474291,1474292,1474293,1474294 | 378804:1474295,1474296,1474297,1474298 | 378805:1474299,1474300,1474301,1474302 | 378806:1474303,1474304,1474305,1474306 | 378807:1474307,1474308,1474309,1474310 | 378808:1474311,1474312,1474313,1474314 | 378809:1474315,1474316,1474317,1474318 | 378810:1474319,1474320,1474321,1474322 | 378811:1474323,1474324,1474325,1474326 | 378812:1474327,1474328,1474329,1474330 | 378813:1474331,1474332,1474333,1474334 | 378814:1474335,1474336,1474337,1474338 | 378815:1474339,1474340,1474341,1474342 | 378816:1474343,1474344,1474345,1474346 | 378817:1474347,1474348,1474349,1474350 | 378818:1474351,1474352,1474353,1474354 | 378819:1474355,1474356,1474357,1474358 | 378820:1474359,1474360,1474361,1474362 | 378821:1474363,1474364,1474365,1474366 | 378822:1474367,1474368,1474369,1474370 | 378823:1474371,1474372,1474373,1474374 | 378824:1474375,1474376,1474377,1474378 | 378825:1474379,1474380,1474381,1474382 | 378826:1474383,1474384,1474385,1474386 | 378827:1474387,1474388,1474389,1474390 | 378828:1474391,1474392,1474393,1474394 | 378829:1474395,1474396,1474397,1474398 | 378830:1474399,1474400,1474401,1474402 | 378831:1474403,1474404,1474405,1474406 | 378832:1474407,1474408,1474409,1474410 | 378833:1474411,1474412,1474413,1474414 | 378834:1474415,1474416,1474417,1474418 | 378835:1474419,1474420,1474421,1474422 | 378836:1474423,1474424,1474425,1474426 | 378837:1474427,1474428,1474429,1474430 | 378838:1474431,1474432,1474433,1474434 | 378839:1474435,1474436,1474437,1474438 | 378840:1474439,1474440,1474441,1474442 | 378841:1474443,1474444,1474445,1474446 | 378842:1474447,1474448,1474449,1474450 | 378843:1474451,1474452,1474453,1474454 | 378844:1474455,1474456,1474457,1474458 | 378845:1474459,1474460,1474461,1474462 | 378846:1474463,1474464,1474465,1474466 | 378847:1474467,1474468,1474469,1474470 | 378848:1474471,1474472,1474473,1474474 | 378849:1474475,1474476,1474477,1474478 | 378850:1474479,1474480,1474481,1474482 | 378851:1474483,1474484,1474485,1474486 | 378852:1474487,1474488,1474489,1474490 | 378853:1474491,1474492,1474493,1474494 | 378854:1474495,1474496,1474497,1474498 | 378855:1474499,1474500,1474501,1474502 | 378856:1474503,1474504,1474505,1474506 | 378857:1474507,1474508,1474509,1474510 | 378858:1474511,1474512,1474513,1474514 | 378859:1474515,1474516,1474517,1474518 | 378860:1474519,1474520,1474521,1474522 | 378861:1474523,1474524,1474525,1474526 | 378862:1474527,1474528,1474529,1474530 | 378863:1474531,1474532,1474533,1474534 | 378864:1474535,1474536,1474537,1474538 | 378865:1474539,1474540,1474541,1474542 | 378866:1474543,1474544,1474545,1474546 | 378867:1474547,1474548,1474549,1474550 | 378868:1474551,1474552,1474553,1474554 | 378869:1474555,1474556,1474557,1474558 | 378870:1474559,1474560,1474561,1474562 | 378871:1474563,1474564,1474565,1474566 | 378872:1474567,1474568,1474569,1474570 | 378873:1474571,1474572,1474573,1474574 | 378874:1474575,1474576,1474577,1474578 | 378875:1474579,1474580,1474581,1474582 | 378876:1474583,1474584,1474585,1474586 | 378877:1474587,1474588,1474589,1474590 | 378878:1474591,1474592,1474593,1474594 | 378879:1474595,1474596,1474597,1474598 | 378880:1474599,1474600,1474601,1474602 | 378881:1474603,1474604,1474605,1474606 | 378882:1474607,1474608,1474609,1474610 | 378883:1474611,1474612,1474613,1474614 | 378884:1474615,1474616,1474617,1474618 | 378885:1474619,1474620,1474621,1474622 | 378886:1474623,1474624,1474625,1474626 | 378887:1474627,1474628,1474629,1474630 | 378888:1474631,1474632,1474633,1474634 | 378889:1474635,1474636,1474637,1474638 | 378890:1474639,1474640,1474641,1474642 | 378891:1474643,1474644,1474645,1474646 | 378892:1474647,1474648,1474649,1474650 | 378893:1474651,1474652,1474653,1474654 | 378894:1474655,1474656,1474657,1474658 | 378895:1474659,1474660,1474661,1474662 | 378896:1474663,1474664,1474665,1474666 | 378897:1474667,1474668,1474669,1474670 | 378898:1474671,1474672,1474673,1474674 | 378899:1474675,1474676,1474677,1474678\" \/>\n\t<input type=\"hidden\" name=\"no_ajax\" value=\"0\">\t\t\t<\/form>\n\t<p>&nbsp;<\/p>\n<\/div>\n\n<script type=\"text\/javascript\">\n\/\/jQuery(document).ready(function(){\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \t\nvar question_ids = \"378800,378801,378802,378803,378804,378805,378806,378807,378808,378809,378810,378811,378812,378813,378814,378815,378816,378817,378818,378819,378820,378821,378822,378823,378824,378825,378826,378827,378828,378829,378830,378831,378832,378833,378834,378835,378836,378837,378838,378839,378840,378841,378842,378843,378844,378845,378846,378847,378848,378849,378850,378851,378852,378853,378854,378855,378856,378857,378858,378859,378860,378861,378862,378863,378864,378865,378866,378867,378868,378869,378870,378871,378872,378873,378874,378875,378876,378877,378878,378879,378880,378881,378882,378883,378884,378885,378886,378887,378888,378889,378890,378891,378892,378893,378894,378895,378896,378897,378898,378899\";\nWatuPROSettings[9466] = {};\nWatuPRO.qArr = question_ids.split(',');\nWatuPRO.exam_id = 9466;\t    \nWatuPRO.post_id = 96901;\nWatuPRO.store_progress = 0;\nWatuPRO.curCatPage = 1;\nWatuPRO.requiredIDs=\"0\".split(\",\");\nWatuPRO.hAppID = \"0.74971800 1777996605\";\nvar url = \"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/show_exam.php\";\nWatuPRO.examMode = 1;\nWatuPRO.siteURL=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-admin\/admin-ajax.php\";\nWatuPRO.emailIsNotRequired = 0;\nWatuPROIntel.init(9466);\nWatuPRO.inCategoryPages=1;});    \t \n<\/script>\n","protected":false},"excerpt":{"rendered":"<p>Earning the EC-Council Certified CISO (CCISO) certification not only validates your information security expertise but also opens the door to high-paying, leadership-oriented roles in cybersecurity. But how to earn the CCISO certification successfully? Choose DumpsBase 712-50 dumps as your preparation materials to complete the 712-50 exam. Everyone wants to pass on their first attempt to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7631,119],"tags":[7626,18458],"class_list":["post-96901","post","type-post","status-publish","format-standard","hentry","category-cciso-certification","category-ec-council","tag-712-50-dumps","tag-ec-council-certified-ciso-cciso"],"_links":{"self":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/96901","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/comments?post=96901"}],"version-history":[{"count":1,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/96901\/revisions"}],"predecessor-version":[{"id":96902,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/96901\/revisions\/96902"}],"wp:attachment":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/media?parent=96901"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/categories?post=96901"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/tags?post=96901"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}