The purpose of an information security strategy is to:

express the goals of an information security program and the plan to achieve them.

outline the intended configuration of information system security controls.

mandate the behavior and acceptable actions of all information system users.

authorize the steps and procedures necessary to protect critical information systems.

Senior management commitment and support for information security can BEST be obtained through presentations that:

tie security risk to key business objectives.

use illustrative examples of successful attacks.

explain the technical risk to the organization.

evaluate the organization against good security practices.

A security manager is preparing a report to obtain the commitment of executive management to a security program. Inclusion of which of the following items would be of MOST value?

Associating realistic threats to corporate objectives

Examples of genuine incidents at similar organizations

Statement of generally accepted good practices

Analysis of current technological exposures

The MOST important requirement for gaining management commitment to the information security program is to:

demonstrate support for desired outcomes

benchmark a number of successful organizations.

demonstrate potential losses and other impacts that can result from a lack of support

inform management of the legal requirements of due care.

Which of the following situations would MOST inhibit the effective implementation of security governance?

Conflicting business priorities

Which of the following choices would be the MOST significant key risk indicator?

A deviation in employee turnover

The number of packets dropped by the firewall

The reporting relationship of IT

Which person or group should have final approval of an organization’s information technology (IT) security policies?

Chief information security officer

Which of the following is the PRIMARY reason to change policies during program development?

The policies no longer reflect management intent and direction.

The policies must comply with new regulatory and legal mandates.

Appropriate security baselines are no longer set in the policies.

Employees consistently ignore the policies.

CISM Pre assessment

Professional Development

•

16 Qs

Similar activities

IT (data, viruses and more)

8th Grade - Professional Development

•

20 Qs

GRAND OPENING INTERNSHIP EXERCISE 2024

Professional Development

•

13 Qs

เทคโนโลยี (วิทยาการคำนวณ) ชั้นมัธยมศึกษาปีที่ 5

Professional Development

•

20 Qs

Arrays & Strings using C

Professional Development

•

15 Qs

Infomatrix 2018

1st Grade - Professional Development

•

13 Qs

Input, output and storage de

8th Grade - Professional Development

•

14 Qs

BCA - IV SEM DBMS

Professional Development

•

20 Qs

Teaching Strategy

Professional Development

•

20 Qs

CISM Pre assessment

Quiz

•

Computers

•

Professional Development

•

Practice Problem

•

Medium

Omantel Ohi

Used 27+ times

FREE Resource

16 questions

Show all answers

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

Which of the following reasons is the MOST important to develop a strategy before implementing an information security program

To justify program development costs

To integrate development activities

To gain management support for an information security program

To comply with international standards

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

How does knowledge of risk appetite help to increase security control effectiveness?

It shows senior management that you understand their needs

It provides a basis for redistributing resources to mitigate risk above the risk appetite

It requires continuous monitoring because the entire risk environment is constantly changing

It facilitates communication with management about the importance of security

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

When an organization is setting up a relationship with a third-party IT service provider, which of the following is one of the MOST important topics to include in the contract from a security standpoint?

Compliance with international security standards

Use of a two-factor authentication system

Existence of an alternate hot site in case of business disruption

Compliance with the organization’s information security requirements

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

Which of the following choices is MOST important to verify to ensure the availability of key business processes at an alternate site?

Recovery time objective

Functional delegation matrix

Staff availability to the site

End-to-end transaction flow

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

Which of the following steps should be FIRST in developing an information security plan?

Perform a technical vulnerabilities assessment.

Analyze the current business strategy.

Perform a business impact analysis

Assess the current levels of security awareness

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

Information security governance is PRIMARILY driven by:

technology constraints

regulatory requirements.

litigation potential.

business strategy.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

The FIRST step to create an internal culture that embraces information security is to:

implement stronger controls.

conduct periodic awareness training.

actively monitor operations

gain endorsement from executive management.

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

20 questions

Tout savoir sur Windows Quiz 2

Quiz

•

Professional Development

12 questions

BIS - Database

Quiz

•

Professional Development

13 questions

Five Nights At Freddy's: Security Breach Quiz

Quiz

•

KG - Professional Dev...

20 questions

js DOM

Quiz

•

12th Grade - Professi...

15 questions

Javascript basics

Quiz

•

Professional Development

16 questions

Keyboard Types

Quiz

•

Professional Development

17 questions

MOC 20744C-Securing Windows Server 2016 - Part 2

Quiz

•

Professional Development

12 questions

eContent Development Tools

Quiz

•

Professional Development

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

11 questions

How well do you know your Christmas Characters?

Lesson

•

3rd Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

20 questions

How the Grinch Stole Christmas

Quiz

•

5th Grade

Discover more resources for Computers

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

25 questions

Christmas Movies

Quiz

•

Professional Development

20 questions

Christmas Trivia

Quiz

•

Professional Development

15 questions

Fun Holiday Trivia

Quiz

•

Professional Development

25 questions

Name That Tune - Christmas

Quiz

•

Professional Development

29 questions

Christmas Song Emoji Pictionary

Quiz

•

Professional Development

9 questions

Holiday Movie Trivia

Lesson

•

Professional Development

34 questions

Winter Trivia

Quiz

•

Professional Development