QUESTION 81

- (Exam Topic 2)
Which of the following is a term related to risk management that represents the estimated frequency at which a threat is expected to transpire?

Correct Answer: C

QUESTION 82

- (Exam Topic 5)
Scenario: You are the newly hired Chief Information Security Officer for a company that has not previously had a senior-level security practitioner. The company lacks a defined security policy and framework for its Information Security Program. Your new boss, the Chief Financial Officer, has asked you to draft an outline of a security policy and recommend an industry/sector-neutral information security control framework for implementation.
Your Corporate Information Security Policy should include which of the following?

Correct Answer: B

QUESTION 83

- (Exam Topic 3)
A person in your security team calls you at night and informs you that one of your web applications is potentially under attack from a cross-site scripting vulnerability. What do you do?

Correct Answer: C

QUESTION 84

- (Exam Topic 6)
A bastion host should be placed:

Correct Answer: C
Reference: https://www.skillset.com/questions/a-bastion-host-is-which-of-the-following

QUESTION 85

- (Exam Topic 6)
Which level of data destruction applies logical techniques to sanitize data in all user-addressable storage locations?

Correct Answer: B
Reference: https://it.brown.edu/computing-policies/electronic-equipment-disposition-policy/data-removal-recommendations