QUESTION 61

- (Exam Topic 1)
Why is it vitally important that senior management endorse a security policy?

Correct Answer: A

QUESTION 62

- (Exam Topic 2)
The implementation of anti-malware and anti-phishing controls on centralized email servers is an example of what type of security control?

Correct Answer: D

QUESTION 63

- (Exam Topic 1)
Which of the following functions MUST your Information Security Governance program include for formal organizational reporting?

Correct Answer: A

QUESTION 64

- (Exam Topic 3)
What oversight should the information security team have in the change management process for application security?

Correct Answer: C

QUESTION 65

- (Exam Topic 5)
Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.
This global retail company is expected to accept credit card payments. Which of the following is of MOST concern when defining a security program for this organization?

Correct Answer: B