712-50 Exam Dumps | Information security policies should be reviewed:

<< Prev Question Next Question >>

Question 210/219

Information security policies should be reviewed:

A. by stakeholders at least annually

B. by the CISO when new systems are brought online

C. by the Incident Response team after an audit

D. by internal audit semiannually

Question List (219q): Question 1: Scenario: You are the newly hired Chief Information Security...; Question 2: A method to transfer risk is to:...; Question 3: A Security Operations Centre (SOC) manager is informed that ...; Question 4: An organization is required to implement background checks o...; Question 5: Which of the following represents the BEST reason for an org...; Question 6: The Information Security Management program MUST protect:...; Question 7: Which of the following is the MOST effective way to measure ...; Question 8: Which of the following methods are used to define contractua...; Question 9: An organization is looking for a framework to measure the ef...; Question 10: The exposure factor of a threat to your organization is defi...; Question 11: What type of attack requires the least amount of technical e...; Question 12: What is the estimate of all direct and indirect costs associ...; Question 13: You are the CISO for an investment banking firm. The firm is...; Question 14: Which wireless encryption technology makes use of temporal k...; Question 15: When briefing senior management on the creation of a governa...; Question 16: As a CISO you need to understand the steps that are used to ...; Question 17: SCENARIO: A Chief Information Security Officer (CISO) recent...; Question 18: Annual Loss Expectancy is derived from the function of which...; Question 19: Scenario: You are the CISO and have just completed your firs...; Question 20: The newly appointed CISO of an organization is reviewing the...; Question 21: An anonymity network is a series of?...; Question 22: An organization recently acquired a Data Loss Prevention (DL...; Question 23: Which of the following should be determined while defining r...; Question 24: Michael starts a new job and discovers that he has unnecessa...; Question 25: Which of the following BEST mitigates ransomware threats?...; Question 26: Your company has limited resources to spend on security init...; Question 27: A system was hardened at the Operating System level and plac...; Question 28: Which of the following is the MAIN security concern for publ...; Question 29: Ensuring that the actions of a set of people, applications a...; Question 30: You manage a newly created Security Operations Center (SOC),...; Question 31: SCENARIO: A CISO has several two-factor authentication syste...; Question 32: Many times a CISO may have to speak to the Board of Director...; Question 33: What Enterprise Architecture Framework is business-centric a...; Question 34: Where does bottom-up financial planning primarily gain infor...; Question 35: When considering using a vendor to help support your securit...; Question 36: When dealing with risk, the information security practitione...; Question 37: The ultimate goal of an IT security projects is:...; Question 38: What are the three hierarchically related aspects of strateg...; Question 39: An organization has defined a set of standard security contr...; Question 40: The company decides to release the application without remed...; Question 41: The effectiveness of an audit is measured by?...; Question 42: Which of the following set of processes is considered to be ...; Question 43: If a Virtual Machine's (VM) data is being replicated and tha...; Question 44: In which of the following cases would an organization be mor...; Question 45: Scenario: An organization has made a decision to address Inf...; Question 46: Which represents PROPER separation of duties in the corporat...; Question 47: Effective information security management programs require t...; Question 48: Which of the following BEST describes an international stand...; Question 49: What is the primary difference between regulations and stand...; Question 50: Which of the following is the MOST important for a CISO to u...; Question 51: In defining a strategic security plan for an organization, w...; Question 52: A security professional has been promoted to be the CISO of ...; Question 53: When entering into a third party vendor agreement for securi...; Question 54: When measuring the effectiveness of an Information Security ...; Question 55: The patching and monitoring of systems on a consistent sched...; Question 56: The general ledger setup function in an enterprise resource ...; Question 57: When performing a forensic investigation, what are the two M...; Question 58: What is the relationship between information protection and ...; Question 59: Scenario: Your organization employs single sign-on (user nam...; Question 60: Which of the following is used to establish and maintain a f...; Question 61: If your organization operates under a model of "assumption o...; Question 62: Your incident handling manager detects a virus attack in the...; Question 63: Which of the following is of MOST importance when security l...; Question 64: When should IT security project management be outsourced?...; Question 65: When managing the security architecture for your company you...; Question 66: What is a key policy that should be part of the information ...; Question 67: Who is responsible for verifying that audit directives are i...; Question 68: Scenario: The new CISO was informed of all the Information S...; Question 69: A key cybersecurity feature of a Personal Identification Ver...; Question 70: The framework that helps to define a minimum standard of pro...; Question 71: In which of the following cases, would an organization be mo...; Question 72: During the course of a risk analysis your IT auditor identif...; Question 73: You have implemented a new security control. Which of the fo...; Question 74: When choosing a risk mitigation method what is the MOST impo...; Question 75: Scenario: An organization has recently appointed a CISO. Thi...; Question 76: Which of the following provides an independent assessment of...; Question 77: As the Chief Information Security Officer, you want to ensur...; Question 78: Which of the following methodologies references the recommen...; Question 79: An organization has a stated requirement to block certain tr...; Question 80: As the new CISO at the company you are reviewing the audit r...; Question 81: The alerting, monitoring, and lifecycle management of securi...; Question 82: What are the common data hiding techniques used by criminals...; Question 83: A stakeholder is a person or group:...; Question 84: The single most important consideration to make when develop...; Question 85: When gathering security requirements for an automated busine...; Question 86: A severe security threat has been detected on your corporate...; Question 87: What is the BEST way to achieve on-going compliance monitori...; Question 88: Which of the following best summarizes the primary goal of a...; Question 89: Within an organization's vulnerability management program, w...; Question 90: According to the National Institute of Standards and Technol...; Question 91: Which of the following functions implements and oversees the...; Question 92: When is an application security development project complete...; Question 93: What is a difference from the list below between quantitativ...; Question 94: As the Risk Manager of an organization, you are task with ma...; Question 95: Many successful cyber-attacks currently include:...; Question 96: What is the definition of Risk in Information Security?...; Question 97: The process of identifying and classifying assets is typical...; Question 98: A global retail company is creating a new compliance managem...; Question 99: In MOST organizations which group periodically reviews netwo...; Question 100: Which publication serves as a resource of enterprise securit...; Question 101: The total cost of security controls should:...; Question 102: The effectiveness of social engineering penetration testing ...; Question 103: Which of the following is an example of risk transference?...; Question 104: Which of the following is considered to be an IT governance ...; Question 105: Scenario: Your company has many encrypted telecommunications...; Question 106: An access point (AP) is discovered using Wireless Equivalent...; Question 107: What is the main purpose of the Incident Response Team?...; Question 108: Which of the following is a countermeasure to prevent unauth...; Question 109: When an organization claims it is secure because it is PCI-D...; Question 110: The alerting, monitoring and life-cycle management of securi...; Question 111: Creating a secondary authentication process for network acce...; Question 112: In order for a CISO to have true situational awareness there...; Question 113: Which of the following is a common technology for visual mon...; Question 114: What is the FIRST step in developing the vulnerability manag...; Question 115: The network administrator wants to strengthen physical secur...; Question 116: What should an organization do to ensure that they have a so...; Question 117: The implementation of anti-malware and anti-phishing control...; Question 118: What role should the CISO play in properly scoping a PCI env...; Question 119: What is a Statement of Objectives (SOA)?...; Question 120: You work as a project manager for TYU project. You are plann...; Question 121: Which of the following is the BEST indicator of a successful...; Question 122: Which of the following is considered one of the most frequen...; Question 123: The Board of Directors of a publicly-traded company is conce...; Question 124: What is the THIRD state of the Tuckman Stages of Group Devel...; Question 125: Which security technologies are MOST critical to implementin...; Question 126: Scenario: You are the CISO and are required to brief the C-l...; Question 127: What is the difference between encryption and tokenization?...; Question 128: Which of the following are necessary to formulate responses ...; Question 129: Simon had all his systems administrators implement hardware ...; Question 130: The security team has investigated the theft/loss of several...; Question 131: As the CISO you need to write the IT security strategic plan...; Question 132: A person in your security team calls you at night and inform...; Question 133: Which of the following is the MOST logical method of deployi...; Question 134: What key technology can mitigate ransomware threats?...; Question 135: Many successful cyber-attacks currently include:...; Question 136: Which of the following best describes the sensors designed t...; Question 137: Which of the following conditions would be the MOST probable...; Question 138: A Chief Information Security Officer received a list of high...; Question 139: Your company has a "no right to privacy" notice on all logon...; Question 140: An audit was conducted and many critical applications were f...; Question 141: Optical biometric recognition such as retina scanning provid...; Question 142: A newly-hired CISO needs to understand the organization's fi...; Question 143: Providing oversight of an information security program for t...; Question 144: Which of the following is a benefit of information security ...; Question 145: When evaluating a Managed Security Services Provider (MSSP),...; Question 146: Scenario: An organization has made a decision to address Inf...; Question 147: If the result of an NPV is positive, then the project should...; Question 148: Scenario: As you begin to develop the program for your organ...; Question 149: Scenario: Your organization employs single sign-on (user nam...; Question 150: ABC Limited has recently suffered a security breach with cus...; Question 151: Which of the following is a MAJOR consideration when an orga...; Question 152: You have purchased a new insurance policy as part of your ri...; Question 153: You have recently drafted a revised information security pol...; Question 154: What standard provides a comprehensive framework for informa...; Question 155: Which of the following best describes a portfolio?...; Question 156: To get an Information Security project back on schedule, whi...; Question 157: A missing/ineffective security control is identified. Which ...; Question 158: IT control objectives are useful to IT auditors as they prov...; Question 159: When you develop your audit remediation plan what is the MOS...; Question 160: Which of the following functions MUST your Information Secur...; Question 161: An example of professional unethical behavior is:...; Question 162: The success of the Chief Information Security Officer is MOS...; Question 163: From the CISO's perspective in looking at financial statemen...; Question 164: Which of the following is MOST important when dealing with a...; Question 165: The process of creating a system which divides documents bas...; Question 166: Which of the following is MOST important when tuning an Intr...; Question 167: Acceptable levels of information security risk tolerance in ...; Question 168: The mean time to patch, number of virus outbreaks prevented,...; Question 169: Which type of physical security control scan a person's exte...; Question 170: Which of the following is the MOST important to share with a...; Question 171: Which of the following information may be found in table top...; Question 172: Which of the following illustrates an operational control pr...; Question 173: Which International Organization for Standardization (ISO) b...; Question 174: Which of the following terms is used to describe countermeas...; Question 175: The risk found after a control has been fully implemented is...; Question 176: As the CISO for your company you are accountable for the pro...; Question 177: When creating a vulnerability scan schedule, who is the MOST...; Question 178: Which of the following is the MOST important reason for perf...; Question 179: You have implemented the new controls. What is the next step...; Question 180: Which of the following information would MOST likely be repo...; Question 181: What is an example of a key performance indicator for cybers...; Question 182: Which of the following is considered the MOST effective tool...; Question 183: Scenario: An organization has made a decision to address Inf...; Question 184: A security officer wants to implement a vulnerability scanni...; Question 185: Scenario: You are the newly hired Chief Information Security...; Question 186: While Cost Benefit Analysis (CBA) is the easiest calculation...; Question 187: An organization has decided to develop an in-house BCM capab...; Question 188: The formal certification and accreditation process has four ...; Question 189: A new CISO just started with a company and on the CISO's des...; Question 190: Assigning the role and responsibility of Information Assuran...; Question 191: Credit card information, medical data, and government record...; Question 192: When working in the Payment Card Industry (PCI), how often s...; Question 193: With a focus on the review and approval aspects of board res...; Question 194: As the CISO, you have been tasked with the execution of the ...; Question 195: Of the following types of SOCs (Security Operations Centers)...; Question 196: What are the four groups that are critical to the success of...; Question 197: Which of the following provides an audit framework?...; Question 198: SCENARIO: A Chief Information Security Officer (CISO) recent...; Question 199: What is the MAIN reason for conflicts between Information Te...; Question 200: Which of the following would negatively impact a log analysi...; Question 201: The process for identifying, collecting, and producing digit...; Question 202: Which of the following is a primary method of applying consi...; Question 203: Access Control lists (ACLs), Firewalls, and Intrusion Preven...; Question 204: You are the CISO of a commercial social media organization. ...; Question 205: Scenario: The new CISO was informed of all the Information S...; Question 206: In effort to save your company money which of the following ...; Question 207: What are the security features that control how users and sy...; Question 208: You currently cannot provide for 24/7 coverage of your secur...; Question 209: Risk is defined as:; Question 210: Information security policies should be reviewed:...; Question 211: Dataflow diagrams are used by IT auditors to:...; Question 212: Which of the following statements below regarding Key Perfor...; Question 213: Which of the following represents the best method of ensurin...; Question 214: Which of the following functions evaluates patches used to c...; Question 215: When operating under severe budget constraints a CISO will h...; Question 216: What is the primary reason for performing vendor management?...; Question 217: Which of the following represents the BEST method of ensurin...; Question 218: Creating good security metrics is essential for a CISO. What...; Question 219: Which of the following is considered the MOST effective tool...

Question 210/219

LEAVE A REPLY

Download PDF File