InfoTechSite

An organization implements a policy stating that all employees must complete mandatory security awareness training annually. This policy is an example of which type of security control?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

9 hours ago | [YT] | 0

InfoTechSite

A company is evaluating a potential new business partner that will have access to its customer data. Which of the following is the most important consideration from a risk management perspective?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

1 day ago | [YT] | 0

InfoTechSite

An organization's Business Continuity (BC) plan is being reviewed. The plan details the steps to be taken to ensure critical business functions can continue to operate during and after a disaster. What is the first and most crucial step that must be completed before developing this plan?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

1 week ago | [YT] | 1

InfoTechSite

A risk manager is reviewing a recent audit report that indicates a new server has an unpatched operating system. The manager is asked to define the most significant risk associated with this finding. Which of the following should the manager emphasize in the description?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

1 week ago | [YT] | 0

InfoTechSite

An organization recently implemented a new policy requiring all employees to use multi-factor authentication for remote access. This policy serves as a high-level statement of management's intent. Which of the following is the next logical step in ensuring the policy is effectively implemented?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

1 week ago | [YT] | 0

InfoTechSite

A company is developing a new mobile application that will handle sensitive patient health information. The development team is conducting a security review to identify potential weaknesses in the design. Which methodology would be most effective for this process?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

1 week ago | [YT] | 0

InfoTechSite

During a security awareness training, a CISSP discovers that an employee has been storing customer credit card information on an unencrypted spreadsheet on a local drive to make data analysis easier. The CISSP advises the employee to immediately stop this practice. Which of the ISC2 Code of Professional Ethics canons does this action most directly support?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

2 weeks ago | [YT] | 2

InfoTechSite

A third-party vendor providing a cloud-based customer relationship management (CRM) platform experiences a major service outage. The contract with the vendor includes a clause specifying a 99.9% uptime guarantee. Which aspect of security governance is being addressed by this contractual requirement?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

2 weeks ago | [YT] | 1

InfoTechSite

A project manager is concerned about the potential for social engineering attacks targeting new hires who are unfamiliar with corporate security protocols. The manager wants to implement a measure that will proactively prevent such incidents from occurring. Which type of control should be prioritized?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

2 weeks ago | [YT] | 2

InfoTechSite

A security team is performing a risk assessment for a critical business application. They identify a weakness in the application’s code that could be exploited by an attacker to gain unauthorized access to sensitive data. What is the correct term for this weakness?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

2 weeks ago | [YT] | 2