- (Exam Topic 10)
Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
The security program can be considered effective when
Correct Answer:D
- (Exam Topic 11)
Data remanence refers to which of the following?
Correct Answer:D
- (Exam Topic 13)
Assessing a third party’s risk by counting bugs in the code may not be the best measure of an attack surface within the supply chain.
Which of the following is LEAST associated with the attack surface?
Correct Answer:C
Section: Security Assessment and Testing
- (Exam Topic 12)
A company has decided that they need to begin maintaining assets deployed in the enterprise. What approach should be followed to determine and maintain ownership information to bring the company into compliance?
Correct Answer:A
- (Exam Topic 12)
Which of the following is an advantage of on-premise Credential Management Systems?
Correct Answer:B