Quiz CISSP

Quiz CISSP, Certified Information Systems Security Professional (update September 5th,2013)

When is it acceptable to not take action on an identified risk?

Which factor is the most important item when it comes to ensuring that security is successful in an organization?

What is a procedure?

Who is ultimately responsible for making sure data is classified and protected?

What does management need to consider the most when classifying data?

which of the following actions should management take?

Which group causes the most risk of fraud and computer compromises?

Who has the primary responsibility of determining the classification level for information?

Which role is accountable for information security?

What security principle will this circumstance violate?