Question 1

Which of the following will be MOST helpful for getting an Information Security project that is behind schedule back on schedule?

Accepted Answer

Upper management support is crucial as it can provide the necessary resources, authority, and decision-making power to address issues causing delays and help get the project back on track.

Question 2

When considering using a vendor to help support your security devices remotely, what is the BEST choice for allowing access?

Accepted Answer

Using a company-supplied laptop ensures that the device is secure and compliant with company policies. Two-factor authentication adds an extra layer of security, and having the vendor use their own unique credentials ensures accountability and traceability.

Question 3

An example of professional unethical behavior is:

Accepted Answer

The answer of An example of professional unethical behavior is:
...

Question 4

What oversight should the information security team have in the change management process for application security?

Accepted Answer

Information security should be involved in significant application security changes to ensure vulnerabilities are tested and mitigated before deployment.

Question 5

The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?

Accepted Answer

Deploying the IPS in monitor mode initially allows the IT group to observe its behavior without impacting network traffic, providing reassurance that legitimate traffic won't be blocked. The fail-open configuration ensures network availability in case of IPS failure.

Question 6

Which of the following is considered one of the most frequent failures in project management?

Accepted Answer

Failure to meet project deadlines is a common issue in project management, often due to poor planning, unforeseen challenges, or inadequate resource allocation.

Question 7

When entering into a third party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?

Accepted Answer

Understanding and validating the security posture and compliance level of a vendor should be done prior to signing the agreement to ensure that the vendor meets the necessary security requirements and to mitigate any potential risks before any services are performed.

Question 8

You manage a newly created Security Operations Center (SOC), your team is being inundated with security alerts and don't know what to do. What is the BEST approach to handle this situation?

Accepted Answer

Tuning the sensors to reduce false positives will help the team focus on genuine threats, improving efficiency and effectiveness in handling alerts.

Question 9

A department within your company has proposed a third party vendor solution to address an urgent, critical business need. As the CISO you have been asked to accelerate screening of their security control claims. Which of the following vendor provided documents is BEST to make your decision:

Accepted Answer

An attestation from a reputable accounting firm provides an independent verification of the vendor's security controls, making it a reliable source for assessing the vendor's security posture.

Question 10

How often should the SSAE16 report of your vendors be reviewed?

Accepted Answer

The SSAE16 report, now known as SSAE 18, is typically reviewed annually to ensure that vendors maintain adequate controls over their services.

Question 11

A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat. This is an example of:

Accepted Answer

This scenario describes a response to a security threat, which is a part of Security Incident Response. It involves taking immediate action to address and mitigate the threat.

Question 12

In order for a CISO to have true situational awareness there is a need to deploy technology that can give a real-time view of security events across the enterprise. Which tool selection represents the BEST choice to achieve situational awareness?

Accepted Answer

A SIEM provides real-time analysis of security alerts generated by network hardware and applications, while IDS, firewall, and VMS contribute to detecting, preventing, and managing vulnerabilities and threats, offering comprehensive situational awareness.

Question 13

Which of the following is critical in creating a security program aligned with an organization's goals?

Accepted Answer

Developing a culture where all stakeholders make informed decisions about information risk ensures that security measures are integrated into the organization's operations and aligned with its goals.

Question 14

Which of the following represents the best method of ensuring business unit alignment with security program requirements?

Accepted Answer

Creating collaborative risk management approaches ensures that business units are actively involved in understanding and managing security risks, leading to better alignment with security program requirements.

Question 15

A recommended method to document the respective roles of groups and individuals for a given process is to:

Accepted Answer

A RACI chart is a tool used to clarify roles and responsibilities in a project or process, ensuring that everyone knows who is responsible, accountable, consulted, and informed.

Question 16

When operating under severe budget constraints a CISO will have to be creative to maintain a strong security organization. Which example below is the MOST creative way to maintain a strong security posture during these difficult times?

Accepted Answer

Testing open source security tools from a trusted site before deploying them ensures reliability and security, making it a creative and cost-effective approach.

Question 17

A CISO implements smart cards for credential management, and as a result has reduced costs associated with help desk operations supporting password resets. This demonstrates which of the following principles?

Accepted Answer

Implementing smart cards aligns security measures with business goals by reducing operational costs, such as those associated with password resets, while maintaining security.

Question 18

A CISO sees abnormally high volumes of exceptions to security requirements and constant pressure from business units to change security processes. Which of the following represents the MOST LIKELY cause of this situation?

Accepted Answer

The most likely cause is poor alignment of the security program to business needs, leading to frequent exceptions and pressure to change processes.

Question 19

A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?

Accepted Answer

The answer of A CISO decides to analyze the IT...

Question 20

Which of the following represents the BEST method of ensuring security program alignment to business needs?

Accepted Answer

Involving business units in strategic security planning ensures that security measures align with business objectives and needs, fostering collaboration and understanding between security and business functions.

Exam 3: EC-Council Information Security Manager (E|ISM)