1 An information security manager has observed multiple exceptions for a number of different security controls Which of the following should be the information security manager's FIRST course of action A Report the noncompliance to the board of directors B Inform respective risk owners of the impact of exceptions C Design mitigating controls for the exceptions D Prioritize the risk and implement treatment options 2 An information security manager has been made aware that some employees are discussing confidential corporate business on social media sites Which of the following is the BEST response to this situation A Communicate social media usage requirements and monitor compliance B Block workplace access to social media sites and monitor employee usage C Train employees how to set up privacy rules on social media sites D Scan social media sites for company related information 3 An information security manager is reviewing the organization's incident response policy affected by a proposed public cloud integration Which of the following will be the MOST difficult to resolve with the cloud service provider A Accessing information security event data B Regular testing of incident response plan C Obtaining physical hardware for forensic analysis D Defining incidents and notification criteria

The Answer is in the image, click to view ...

Question: 1. An information security manager has observed multiple exceptions for a number of different security controls. Which of the following should be the information security

1. An information security manager has observed multiple exceptions for a number of different security controls. Which of the following should be the information security manager's FIRST course of action?

A. Report the noncompliance to the board of directors.
B. Inform respective risk owners of the impact of exceptions
C. Design mitigating controls for the exceptions.
D. Prioritize the risk and implement treatment options.

2. An information security manager has been made aware that some employees are discussing confidential corporate business on social media sites. Which of the following is the BEST response to this situation?

A. Communicate social media usage requirements and monitor compliance.
B. Block workplace access to social media sites and monitor employee usage.
C. Train employees how to set up privacy rules on social media sites.
D. Scan social media sites for company-related information.

3. An information security manager is reviewing the organization's incident response policy affected by a proposed public cloud integration. Which of the following will be the MOST difficult to resolve with the cloud service provider?

A. Accessing information security event data
B. Regular testing of incident response plan
C. Obtaining physical hardware for forensic analysis
D. Defining incidents and notification criteria

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

need detailed answer for each question Which of the following roles is accountable for ensuring the impact of a new regulatory framework on a business system is assessed? A. Senior management B....

need detailed solution for each question: The department head of application development has decided to accept the risks identified in a recent assessment. No recommendations will be implemented,...

need the solution for each question Which of the following is the PRIMARY driver for determining the classification of application systems? A. The cost of repairing damage to system elements B. The...

need detailed answer for each question: Following a successful attack, an information security manager should be confident the malware has not continued to spread at the completion of which incident...

need detailed answer for each question Which of the following provides the BEST assurance that security policies are applied across business operations? A. Organizational standards are enforced by...

need a detailed answer for each question Which of the following is MOST important to include in an incident response plan to ensure incidents are responded to by the appropriate individuals? A....

ISAudi, Basics Gestein, MD. 1140 2015, world Septic actors in a cours for more than 50 digital met in the Incorporated autors in the con proses and aty 70, and med cresting domy became out the preda...

INFO8480 IT SECURITY PLANNING, AUDIT AND GOVERNANCE Assignment #1 - 10% Case Study Raj and Harjot are the owners of a small organization ($2-$3 million in annual sales) selling Drones from their...

Anatomy of an Industrial Espionage Attack By Ira S . Winkler 1 President, Information Security Advisors Group The CEO sat quietly as I showed him the complete manufacturing instructions for his top...

I need assistance with the case requirement questions, Part A and Part B (Exhibit 3) and Background, scope, findings and conclusions (exhibit 4) Assessing Information Technology General Control Risk:...

The linear approximation to f(x) = E at x = 8 is given by %3D O a. 2 O b. Z+16 12 O d. 2 + X

Determine whether each of the following random variables is discrete or continuous. a. The number of heads in 100 tosses of a coin. b. The length of a rod randomly chosen from a day's production. c....

General Mills reported the following information in its 2 0 2 0 financial statements ( $ in millions ) : \ table [ [ Balance Sheet:, 2 0 2 8 , 2 8 1 9 ] , [ Accounts receivable, net,$ 1 , 6 1 5 , 1 ,...

Scenario: A Multi-national Corporation called The Globe has created a subsidiary called Thirst in an under-developed country called non-potable waters. This hosting country suffers from a severe...

8. Sometimes viewed as a Scandinavian tortilla, these potato flatcakes are often sold in areas with high Scandinavian American populations: a. Lefse b. Lutefisk c. Aquavit d. Fiskepudding

What is the relationship between humans?

What is the orientation toward time?