Which of the following metrics would provide management with the MOST useful information about the effectiveness of a security awareness program?

A. Increased number of downloads of the organization's security policy
B. Decreased number of security incidents
C. Increased number of reported security incidents
D. Decreased number of phishing attacks

To minimize security exposure introduced by changes to the IT environment, which of the following is MOST important to implement as part of change management?

A. Requiring approval by senior management
B. Performing a business impact analysis (BIA) prior to implementation
C. Performing post-change reviews before closing change tickets
D. Conducting a security risk assessment prior to go-live

The BEST way to obtain funding from senior management for a security awareness program is to:

A. meet regulatory requirements.
B. produce an impact analysis report of potential breaches.
C. produce a report of organizational risks.
D. demonstrate that the program will adequately reduce risk

In a large organization, which of the following is the BEST source for identifying ownership of a PC?

A. User ID register
B. Asset management register
C. Domain name server (DNS) records
D. Identity management system

Inadvertent disclosure of internal business information on social media is BEST minimized by which of the following?

A. Developing social media guidelines
B. Educating users on social media risks
C. Limiting access to social media sites
D. Implementing data loss prevention (DLP) solutions

Which of the following is the MOST important outcome of testing incident response plans?

A. Staff is educated about current threats.
B. An action plan is available for senior management.
C. Areas requiring investment are identified.
D. Internal procedures are improved.

Which of the following presents the GREATEST information security concern when deploying an identity and access management solution?

A. Complying with the human resource policy
B. Supporting multiple user repositories
C. Supporting legacy applications
D. Gaining end user acceptance

Which of the following is the STRONGEST indication that senior management commitment to information security is lacking within an organization?

A. A high level of information security risk acceptance
B. The information security manager reports to the chief risk officer
C. Inconsistent enforcement of information security policies
D. A reduction in information security investment

The PRIMARY purpose of a security information and event management (SIEM) system is to:

A. resolve incidents.
B. track ongoing incidents.
C. provide status of incidents.
D. identify potential incidents.

Which of the following BEST demonstrates the maturity of an information security monitoring program?

A. Senior management regularly reviews security standards.
B. The information security program was introduced with a thorough business case.
C. Information security key risk indicators (KRIs) are tied to business operations.
D. Risk scenarios are regularly entered into a risk register.