A recent security audit is reporting several unsuccessful login attempts being repeated at specific times during the day on an Internet facing authentication server. No alerts have been generated by the security information and event management (SIEM) system . What PRIMARY action should be taken to improve SIEM performance? A. Implement role-based system monitoring B. Audit firewall logs to identify the source of login attempts C. Enhance logging detail D. Confirm alarm thresholds

An attacker has intruded into the source code management system and is able to download but not modify the code. Which of the following aspects of the code theft has the HIGHEST security impact? A. The attacker could publicly share confidential comments found in the stolen code. B. Competitors might be able to steal the organization’s ideas by looking at the stolen code. C. A competitor could run their own copy of the organization’s website using the stolen code. D. Administrative credentials or keys hard-coded within the stolen code could be used to access sensitive data.

Which of the following has the responsibility of information technology (IT) governance? A. Chief Information Officer (CIO) B. Senior IT Management C. Board of Directors D. Chief Information Security Officer (CISO)

Which of the following is the FIRST requirement a data owner should consider before implementing a data retention policy? A. Training B. Legal C. Business D. Storage

Which of the following BEST obtains an objective audit of security controls?