Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.

Symmetric encryption in general is preferable to asymmetric encryption when:

Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.

Which of the following frameworks and standards will BEST fit the organization as a baseline for their security program?

Which of the following is the MOST effective method for discovering common technical vulnerabilities within the

IT environment?

You are just hired as the new CISO and are being briefed on all the Information Security projects that your section has on going. You discover that most projects are behind schedule and over budget.

Using the best business practices for project management you determine that the project correctly aligns with the company goals and the scope of the project is correct. What is the NEXT step?

What are the primary reasons for the development of a business case for a security project?

Michael starts a new job and discovers that he has unnecessary access to a variety of systems. Which of the

following best describes the problem he has encountered?

The process for management approval of the security certification process which states the risks and mitigation of such risks of a given IT system is called

The newly appointed CISO of an organization is reviewing the IT security strategic plan. Which of the following is the MOST important component of the strategic plan?

Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.

The organization has already been subject to a significant amount of credit card fraud. Which of the following is the MOST likely reason for this fraud?

Which of the following is considered the MOST effective tool against social engineering?

Which of the following should be determined while defining risk management strategies?

A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program. Which of the following qualifications and experience would be MOST desirable to find in a candidate?

You have recently drafted a revised information security policy. From whom should you seek endorsement in order to have the GREATEST chance for adoption and implementation throughout the entire organization?

The purpose of NIST SP 800-53 as part of the NIST System Certification and Accreditation Project is to establish a set of standardized, minimum security controls for IT systems addressing low, moderate, and high levels of concern for

The framework that helps to define a minimum standard of protection that business stakeholders must attempt to achieve is referred to as a standard of:

Risk that remains after risk mitigation is known as

Who in the organization determines access to information?

To have accurate and effective information security policies how often should the CISO review the organization policies?

Step-by-step procedures to regain normalcy in the event of a major earthquake is PRIMARILY covered by which of the following plans?

The effectiveness of social engineering penetration testing using phishing can be used as a Key Performance Indicator (KPI) for the effectiveness of an organization’s

You work as a project manager for TYU project. You are planning for risk mitigation. You need to quickly identify high-level risks that will need a more in-depth analysis. Which of the following activities will help you in this?

In MOST organizations which group periodically reviews network intrusion detection system logs for all systems as part of their daily tasks?

Which of the following is the MOST important reason to measure the effectiveness of an Information Security Management System (ISMS)?

A recent audit has identified a few control exceptions and is recommending the implementation of technology and processes to address the finding. Which of the following is the MOST likely reason for the organization to reject the implementation of the recommended technology and processes?

Which of the following is the MOST important reason for performing assessments of the security portfolio?

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.

Which of the following is the reason the CISO has not been able to advance the security agenda in this organization?

The primary purpose of a risk register is to:

What is the relationship between information protection and regulatory compliance?

Which of the following information may be found in table top exercises for incident response?

The organization does not have the time to remediate the vulnerability; however it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

In order for a CISO to have true situational awareness there is a need to deploy technology that can give a real-time view of security events across the enterprise. Which tool selection represents the BEST choice to achieve situational awareness?

From the CISO’s perspective in looking at financial statements, the statement of retained earnings of an organization:

The primary responsibility for assigning entitlements to a network share lies with which role?

Which of the following are the triple constraints of project management?

When performing a forensic investigation, what are the two MOST common data sources for obtaining evidence from a computer and mobile devices?

When information security falls under the Chief Information Officer (CIO), what is their MOST essential role?

Devising controls for information security is a balance between?

During a cyber incident, which non-security personnel might be needed to assist the security team?

To make sure that the actions of all employees, applications, and systems follow the organization’s rules and regulations can BEST be described as which of the following?

You are the CISO for an investment banking firm. The firm is using artificial intelligence (AI) to assist in approving clients for loans.

Which control is MOST important to protect AI products?

You have been hired as the Information System Security Officer (ISSO) for a US federal government agency. Your role is to ensure the security posture of the system is maintained. One of your tasks is to develop and maintain the system security plan (SSP) and supporting documentation.

Which of the following is NOT documented in the SSP?

A Security Operations (SecOps) Manager is considering implementing threat hunting to be able to make better decisions on protecting information and assets.

What is the MAIN goal of threat hunting to the SecOps Manager?

A bastion host should be placed:

Which of the following backup sites takes the longest recovery time?

Physical security measures typically include which of the following components?

When entering into a third party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?

Which one of the following BEST describes which member of the management team is accountable for the day-to-day operation of the information security program?

Which of the following functions evaluates patches used to close software vulnerabilities of new systems to assure compliance with policy when implementing an information security program?

Which of the following will be MOST helpful for getting an Information Security project that is behind schedule back on schedule?

Which of the following are not stakeholders of IT security projects?

Which of the following represents the BEST method for obtaining business unit acceptance of security controls within an organization?

While designing a secondary data center for your company what document needs to be analyzed to determine to how much should be spent on building the data center?

What is the FIRST step in developing the vulnerability management program?

Which of the following is MOST important when tuning an Intrusion Detection System (IDS)?

As a CISO you need to understand the steps that are used to perform an attack against a network. Put each step into the correct order.

1.Covering tracks

2.Scanning and enumeration

3.Maintaining Access

4.Reconnaissance

5.Gaining Access

A customer of a bank has placed a dispute on a payment for a credit card account. The banking system uses digital signatures to safeguard the integrity of their transactions. The bank claims that the system shows proof that the customer in fact made the payment. What is this system capability commonly known as?

Which of the following is the MAIN security concern for public cloud computing?

The ability to hold intruders accountable in a court of law is important. Which of the following activities are needed to ensure the highest possibility for successful prosecution?

Which of the following statements about Encapsulating Security Payload (ESP) is true?

The process for identifying, collecting, and producing digital information in support of legal proceedings is called

Which of the following is a symmetric encryption algorithm?

The PRIMARY objective for information security program development should be:

An organization’s firewall technology needs replaced. A specific technology has been selected that is less costly than others and lacking in some important capabilities. The security officer has voiced concerns about sensitive data breaches but the decision is made to purchase. What does this selection indicate?

Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization’s products and services?

The security team has investigated the theft/loss of several unencrypted laptop computers containing sensitive corporate information. To prevent the loss of any additional corporate data it is unilaterally decided by the CISO that all existing and future laptop computers will be encrypted. Soon, the help desk is flooded with complaints about the slow performance of the laptops and users are upset. What did the CISO do wrong? (choose the BEST answer):

A recommended method to document the respective roles of groups and individuals for a given process is to:

Your incident response plan should include which of the following?