- (Exam Topic 5)
At what level of governance are individual projects monitored and managed?

1. A. Program
2. B. Milestone
3. C. Enterprise
4. D. Portfolio

Correct Answer: D

- (Exam Topic 6)
The primary responsibility for assigning entitlements to a network share lies with which role?

1. A. CISO
2. B. Data owner
3. C. Chief Information Officer (CIO)
4. D. Security system administrator

Correct Answer: B
Reference: https://resources.infosecinstitute.com/certification/data-and-system-ownership/

- (Exam Topic 2)
An employee successfully avoids becoming a victim of a sophisticated spear phishing attack due to knowledge gained through the corporate information security awareness program. What type of control has been effectively utilized?

1. A. Management Control
2. B. Technical Control
3. C. Training Control
4. D. Operational Control

Correct Answer: D

- (Exam Topic 4)
Security related breaches are assessed and contained through which of the following?

1. A. The IT support team.
2. B. A forensic analysis.
3. C. Incident response
4. D. Physical security team.

Correct Answer: C

- (Exam Topic 3)
How often should the SSAE16 report of your vendors be reviewed?

1. A. Quarterly
2. B. Semi-annually
3. C. Annually
4. D. Bi-annually

Correct Answer: C