Quiz CISSP

Quiz CISSP, Certified Information Systems Security Professional (update September 5th,2013)

What are the three types of policies that are missing from the following graphic?

In the graphic that follows, which method is missing and what is the purpose of this method?

Which of the following should he do first?

Which of the following is not a characteristic of a company with a security governance program in place?

Which of the following official risk methodologies was not created for the purpose of analyzing security risks?

He does not determine, maintain, or evaluate controls, so what is Jared’s role?

What is the primary function of her new role?

For what purpose was the COSO framework developed?

Which of the following is not true of authorization creep?

Which of the following should George use to calculate the company’s residual risk?