CISM Certified Information Security Manager – Question 1198

An organization wants to ensure its confidential data is isolated in a multi-tenanted environment at a well-known cloud service provider. Which of the following is the BEST way to ensure the data is adequately protected?

A. Obtain documentation of the encryption management practices.
B. Verify the provider follows a cloud service framework standard.
C. Ensure an audit of the provider is conducted to identify control gaps.
D. Review the provider's information security policies and procedures.

Correct Answer: B

CISM Certified Information Security Manager – Question 1197

What should an information security team do FIRST when notified by the help desk that an employee's computer has been infected with malware?

A. Take a forensic copy of the hard drive.
B. Restore the files from a secure backup.
C. Isolate the computer from the network.
D. Use anti-malware software to clean the infected computer.

Correct Answer: C

CISM Certified Information Security Manager – Question 1194

The PRIMARY goal of conducting a business impact analysis (BIA) as part of an overall continuity planning process is to:

A. map the business process to supporting IT and other corporate resources.
B. obtain the support of executive management.
C. document the disaster recovery process.
D. identify critical processes and the degree of reliance on support services.

Correct Answer: D

CISM Certified Information Security Manager – Question 1193

An organization's information security manager has learned that similar organizations have become increasingly susceptible to spear phishing attacks. What is the BEST way to address this concern?

A. Update data loss prevention (DLP) rules for email.
B. Include tips to identify threats in awareness training.
C. Conduct a business impact analysis (BIA) of the threat.
D. Create a new security policy that staff must read and sign.

Correct Answer: B

CISM Certified Information Security Manager – Question 1192

When multiple Internet intrusions on a server are detected, the PRIMARY concern of the information security manager should be to ensure that the:

A. server is backed up to the network.
B. server is unplugged from power.
C. integrity of evidence is preserved.
D. forensic investigation software is loaded on the server.

Correct Answer: C

CISM Certified Information Security Manager – Question 1191

Which of the following features of a library control software package would protect against unauthorized updating of source code?

A. Required approvals at each life cycle step
B. Date and time stamping of source and object code
C. Access controls for source libraries
D. Release-to-release comparison of source code

Correct Answer: C

CISM Certified Information Security Manager – Question 1190

An information security manager has observed multiple exceptions for a number of different security controls. Which of the following should be the information security manager's FIRST course of action?

A. Report the noncompliance to the board of directors.
B. Inform respective risk owners of the impact of exceptions.
C. Design mitigating controls for the exceptions.
D. Prioritize the risk and implement treatment options.

Correct Answer: D