Which of the following is the PRIMARY goal of a security awareness training program within an organization? 1. To ensure all employees can respond effectively to security incidents 2.To reduce likelihood of insider threats and data breaches 3.To achieve compliance with industry security standards 4.To teach employees the organization security expectations

Which of the following is the BEST way to protect an organization's data assets? - A. Encrypt data in transit and at rest using up-to-date cryptographic algorithms. - B. Monitor and enforce adherence to security policies. - C. Require Multi-Factor Authentication (MFA) and Separation of Duties (SoD). - D. Create the Demilitarized Zone (DMZ) with proxies, firewalls and hardened bastion hosts.

With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions? A. At a rate concurrent with the volatility of the security control B. Only during system implementation and decommissioning C. Continuously without exception for all security controls D. Before and after each change of the control

Your organization has hired a new Security Architect who has experience with products from a particular vendor and is therefore inclined to use their suite of products. She suggests your team replaces the existing tools with the products of her chosen vendor. What is the primary concept missing from this action? A Risk Assessment B Due Diligence C Due Care D Strategic Alignment

A corporation does not have a formal data destruction policy. During which phase of a criminal legal proceeding will this have the MOST impact? A. Sentencing B. Trial C. Discovery D. Arraignment