- (Topic 3)
What oversight should the information security team have in the change management process for application security?
Correct Answer:
C
- (Topic 1)
Risk that remains after risk mitigation is known as
Correct Answer:
B
- (Topic 3)
The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?
Correct Answer:
D
- (Topic 2)
The MOST common method to get an unbiased measurement of the effectiveness of an Information Security Management System (ISMS) is to
Correct Answer:
D
- (Topic 4)
Your incident handling manager detects a virus attack in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the incident handling process will utilize the signature to resolve this incident?
Correct Answer:
D