CISM Certified Information Security Manager – Question 1219

What is the MOST important role of an organization's data custodian in support of the information security function?

A. Evaluating data security technology vendors
B. Assessing data security risks to the organization
C. Approving access rights to departmental data
D. Applying approved security policies

Correct Answer: C

CISM Certified Information Security Manager – Question 1217

Which of the following is the BEST indication that an information security control is no longer relevant?

A. Users regularly bypass or ignore the control.
B. The control does not support a specific business function.
C. IT management does not support the control.
D. Following the control costs the business more than not following it.

Correct Answer: B

CISM Certified Information Security Manager – Question 1216

Which of the following metrics would be considered an accurate measure of an information security program's performance?

A. The number of key risk indicators (KRIs) identified, monitored, and acted upon
B. A combination of qualitative and quantitative trends that enable decision making
C. A single numeric score derived from various measures assigned to the security program
D. A collection of qualitative indicators that accurately measure security exceptions

Correct Answer: A

CISM Certified Information Security Manager – Question 1213

An organization is about to purchase a rival organization. The PRIMARY reason for performing information security due diligence prior to making the purchase is to:

A. ensure compliance with international standards.
B. assess the ability to integrate the security department operations.
C. determine the security exposures.
D. evaluate the security policy and standards.

Correct Answer: C

CISM Certified Information Security Manager – Question 1211

A security team is conducting its annual disaster recovery test. Post-restoration testing shows the system response time is significantly slower due to insufficient bandwidth for Internet connectivity at the recovery center. Which of the following is the security manager's BEST course of action?

A. Halt the test until the network bandwidth is increased.
B. Reduce the number of applications marked as critical.
C. Document the deficiency for review by business leadership.
D. Pursue risk acceptance for the slower response time.

Correct Answer: A

CISM Certified Information Security Manager – Question 1210

The MOST important reason for an information security manager to be involved in a new software purchase initiative is to:

A. choose the software with the most control options.
B. provide input for user requirements.
C. ensure there is software escrow in place.
D. ensure the appropriate controls are considered.

Correct Answer: D