Which activity is performed by an information security manager?
This exam has 20 community-verified practice questions.
A newly appointed chief information security officer (CISO) has been asked to explain the purpose of information security management to the board.
Which explanation is the BEST for the CISO to use?
Which input to the ‘assessment and review’ process helps to assess whether information security controls are effective?
To support an audit, an information security consultant wants to share with relevant teams a list of additional controls that are needed to protect the organization’s assets.
What type of tool is BEST to assist with this?
What TWO types of tools are the BEST to use to isolate a compromised server from the network?
What activity helps identify potential events that could impact the security of information?
An organization has very effective information security controls; its information security management plans are regularly tested. The information security team is working on integration of information security in all aspects of the organization, but this work has just begun.
Which capability level does this information security management practice demonstrate?
An organization has mapped the value stream for resolving incidents, and has identified many handoffs to and from third parties. These handoffs require potentially sensitive information to be shared so that the incidents can be resolved, and this results in a risk that information might be leaked.
What TWO things should the organization do to manage this risk?