The ambition of the security manager is to certify the organization against ISO/IEC 27001. What is an activity in the certification program? A. Formulate the security requirements in the outsourcing contracts B. Implement the security baselines in Secure Systems Development…

A protocol to investigate fraud by employees is being designed. Which measure can be part of this protocol? A. Seize and investigate the private laptop of the employee B. Investigate the contents of the workstation of the employee C. Investigate…

An experienced security manager is well aware of the risks related to communication over the internet. She also knows that Public Key Infrastructure (WI) can be used to keep e-mails between employees confidential. Which is the main risk of PKI?…