- (Exam Topic 1)
Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?

1. A. Threat
2. B. Vulnerability
3. C. Attack vector
4. D. Exploitation

Correct Answer: B

- (Exam Topic 1)
The success of the Chief Information Security Officer is MOST dependent upon:

1. A. favorable audit findings
2. B. following the recommendations of consultants and contractors
3. C. development of relationships with organization executives
4. D. raising awareness of security issues with end users

Correct Answer: C

- (Exam Topic 1)
Within an organization’s vulnerability management program, who has the responsibility to implement remediation actions?

1. A. Security officer
2. B. Data owner
3. C. Vulnerability engineer
4. D. System administrator

Correct Answer: D

- (Exam Topic 3)
You are the CISO of a commercial social media organization. The leadership wants to rapidly create new methods of sharing customer data through creative linkages with mobile devices. You have voiced concern about privacy regulations but the velocity of the business is given priority. Which of the following BEST describes this organization?

1. A. Risk averse
2. B. Risk tolerant
3. C. Risk conditional
4. D. Risk minimal

Correct Answer: B

- (Exam Topic 5)
What process defines the framework of rules and practices by which a board of directors ensure accountability, fairness and transparency in an organization's relationship with its shareholders?

1. A. Internal Audit
2. B. Corporate governance
3. C. Risk Oversight
4. D. Key Performance Indicators

Correct Answer: B
Reference: https://www.igi-global.com/dictionary/corporate-governance/5957