Question 16

According to private sector data classification levels, how would salary levels and medical information be classified?
  • Question 17

    Which process of the Information Security Continuous Monitoring (ISCM) program assists the organization in finding the appropriate response to organizational risk?
  • Question 18

    After a breach incident, investigators narrowed the attack to a specific network administrator's credentials.
    However, there was no evidence to determine how the hackers obtained the credentials. Much of the following actions could have BEST avoided the above breach per the investigation described above?
  • Question 19

    Which of the following statements pertaining to the Trusted Computer System Evaluation Criteria (TCSEC) is incorrect?
  • Question 20

    Who should DECIDE how a company should approach security and what security measures should be implemented?