Question: 1
Which of the following should be the PRIMARY objective when developing an information security strategy?
Question: 2
What should an information security manager do FIRST when made aware of a new regulation which may require the redesign of existing information security processes?
A. Develop a future state roadmap.
B. Perform a cost-benefit analysis.
Question: 3
An organization has outsourced many application development activities to a third party that uses contract programmers extensively. Which of the following would provide the BEST assurance that the third party's contract programmers comply with the organization's security policies?
Question: 4
An organization is planning to create a website that will collect site-visitor details from around the world and use them as marketing lists for operations in several countries. Which of the following should be of MOST concern to the information security manager?
Question: 5
Senior management has endorsed a comprehensive information security policy. Which of the following should the organization do NEXT?