In order to highlight to management, the importance of network security, the security manager should FIRST:
A . develop a security architecture.
B . install a network intrusion detection system (NIDS) and prepare a list of attacks.
C . develop a network security policy.
D . conduct a risk assessment.
Answer: D
Explanation:
A risk assessment would be most helpful to management in understanding at a very high level the threats, probabilities and existing controls. Developing a security architecture, installing a network intrusion detection system (NIDS) and preparing a list of attacks on the network and developing a network security policy would not be as effective in highlighting the importance to management and would follow only after performing a risk assessment.
Latest CISM Dumps Valid Version with 1327 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund