- (Topic 5)
As the CISO you need to write the IT security strategic plan. Which of the following is the MOST important to review before you start writing the plan?
Correct Answer:
B
- (Topic 5)
Scenario: You are the CISO and have just completed your first risk assessment for your organization. You find many risks with no security controls, and some risks with inadequate controls. You assign work to your staff to create or adjust existing security controls to ensure they are adequate for risk mitigation needs.
When adjusting the controls to mitigate the risks, how often should the CISO perform an audit to verify the controls?
Correct Answer:
D
- (Topic 5)
The total cost of security controls should:
Correct Answer:
C
- (Topic 5)
Your company has limited resources to spend on security initiatives. The Chief Financial Officer asks you to prioritize the protection of information resources based on their value to the company. It is essential that you be able to communicate in language that your fellow executives will understand. You should:
Correct Answer:
B
- (Topic 3)
Which of the following can the company implement in order to avoid this type of security issue in the future?
Correct Answer:
B