Question: need detailed answer for each question

An information security policy was amended recently to support an organization's new information security strategy. Which of the following should be the information security manager's NEXT step?

  • A. Evaluate the alignment with business strategy
  • B. Update standards and procedures
  • C. Review technical controls
  • D. Refresh the security training program

Which of the following provides the MOST assurance that a third-party hosting provider will be able to meet availability requirements?

  • A. The third party's business continuity plan (BCP)
  • B. The third party's incident response plan
  • C. Right-to-audit clause
  • D. Service level agreement (SLA)

An organization permits the storage and use of its critical and sensitive information on employee-owned smartphones. Which of the following is the BEST security control?

  • A. Monitoring how often the smartphone is used
  • B. Developing security awareness training
  • C. Requiring the backup of the organization's data by the user
  • D. Establishing the authority to remote wipe

A spear phishing attack was used to trick a user into installing a Trojan onto a workstation. Which of the following would have been MOST effective in preventing this attack from succeeding?

  • A. Application control
  • B. Website blocking
  • C. Internet filtering
  • D. Network encryption

Which of the following would BEST mitigate accidental data loss events?

  • A. Enforce a data hard drive encryption policy
  • B. Conduct a data loss prevention audit
  • C. Conduct periodic user awareness training
  • D. Obtain senior management support for the information security strategy

Using which of the following metrics will BEST help to determine the resiliency of IT infrastructure security controls?

  • A. Percentage of outstanding high-risk audit issues
  • B. Number of incidents resulting in disruptions
  • C. Number of successful disaster recovery tests
  • D. Frequency of updates to system software

Which of the following is the MAIN reason for integrating an organization's incident response plan with its business continuity process?

  • A. Incidents can escalate into disasters needing proper response
  • B. Recovery time objectives (RTOs) need to be determined
  • C. Incidents will be reported more timely when categorized as a disaster
  • D. Integration of the plan will reduce resource costs to the organization

Several months after the installation of a new firewall with intrusion prevention features to block malicious activity, a breach was discovered that came in through the firewall shortly after installation. This breach could have been detected earlier by implementing firewall:

  • A. web surfing controls
  • B. packet filtering
  • C. application awareness
  • D. log monitoring

Which of the following is MOST important when providing updates during a security incident?

  • A. Responding immediately to questions from the public
  • B. Validating the reliability of information prior to dissemination
  • C. Designating a communications representative
  • D. Ensuring timely incident information to internal stakeholders

Which of the following is the BEST indication of a mature information security program?

  • A. Security spending is below budget.
  • B. Security incidents are managed properly.
  • C. Security resources are optimized.
  • D. Security audit findings are reduced.

An organization recently updated and published its information security policy and standards. What should the information security manager do NEXT?

  • A. Update the organization's risk register.
  • B. Develop a policy exception process.
  • C. Communicate the changes to stakeholders.
  • D. Conduct a risk assessment.

To optimize the implementation of information security governance in an organization, an information security manager should:

  • A. implement processes consistent with international standards.
  • B. utilize existing governance structures when possible.
  • C. ensure changes are consistent with existing standards.
  • D. make gradual changes to governance to minimize employee resistance.

Which of the following clauses would represent the MOST significant potential exposure if included in a contract with a third-party service provider?

  • A. Provider responsibility in a disaster limited to best reasonable efforts
  • B. Provider liability for loss of data limited to cost of physical media
  • C. Audit rights limited to customer data and supporting infrastructure
  • D. Access to escrowed software restricted to specific conditions

An intrusion has been detected and contained. Which of the following steps represents the BEST practice for ensuring the integrity of the recovered system?

  • A. Restore the application and data from a forensic copy.
  • B. Install the OS, patches, and application from the original source.
  • C. Restore the OS, patches, and application from a backup.
  • D. Remove all signs of the intrusion from the OS and application.

Which of the following should an information security manager do FIRST when informed that customer data has been breached within a third-party vendor's environment?

  • A. Communicate the breach to leadership.
  • B. Request and verify evidence of the breach.
  • C. Notify the incident response team.
  • D. Review vendor obligations in the contract.

An empowered security steering committee has decided to accept a critical risk. Which of the following is the information security manager's BEST course of action?

  • A. Notify the chief risk officer (CRO) and internal audit.
  • B. Determine the impact to information security objectives.
  • C. Remove the specific risk item from the risk register.
  • D. Document the risk acceptance and justification.
