Which of the following should be determined while defining risk management strategies?
A. Organizational objectives and risk tolerance
B. Risk assessment criteria
C. IT architecture complexity
D. Enterprise disaster recovery plans
Answer: A

Regulatory requirements typically force organizations to implement
A. Mandatory controls
B. Discretionary controls
C. Optional controls
D. Financial controls
Answer: A

Risk that remains after risk mitigation is known as
A. Persistent risk
B. Residual risk
C. Accepted risk
D. Non-tolerated risk
Answer: B

A security manager has created a risk program. Which of the following is a critical part of ensuring the program is successful?
A. Providing a risk program governance structure
B. Ensuring developers include risk control comments in code
C. Creating risk assessment templates based on specific threats
D. Allowing for...

Which is the BEST solution to monitor, measure, and report changes to critical data in a system?
A. Application logs
B. File integrity monitoring
C. SNMP traps
D. Syslog
Answer: B

You have purchased a new insurance policy as part of your risk strategy. Which of the following risk strategy options have you engaged in?
A. Risk Avoidance
B. Risk Acceptance
C. Risk Transfer
D. Risk Mitigation
Answer: C

The PRIMARY objective for information security program development should be:
A. Reducing the impact of the risk to the business.
B. Establishing strategic alignment with business continuity requirements
C. Establishing incident response programs.
D. Identifying and implementing the best security solutions.
Answer: A

When managing the security architecture for your company you must consider:
A. Security and IT Staff size
B. Company Values
C. Budget
D. All of the above
Answer: D

A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization’s need?
A. International Organization for Standardization - 22301 (ISO-22301)
B. Information Technology Infrastructure Library (ITIL)
C. ...

A security manager regularly checks work areas after business hours for security violations, such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?
A. Audit validation
B. Physical control testing
C. Compliance management
D. Security awareness training
Answer: C