Which of the following would provide the BEST basis for allocating proportional protection activities when comprehensive classification is not feasible?
A . Single classification level allocation
B . Business process re-engineering
C . Business dependency assessment
D . Comprehensive cyber insurance procurement
Answer: C
Explanation:
The BEST basis for allocating proportional protection activities when comprehensive classification is not feasible is a business dependency assessment. This is because a business dependency assessment helps to identify the criticality and sensitivity of business processes and their supporting assets, based on their contribution to the organization’s objectives and value proposition. This allows for prioritizing protection activities according to the level of risk and impact. The other options are not as effective as a business dependency assessment, because they either use a single classification level allocation (A), which does not account for different levels of risk and impact; require a significant amount of time and resources to perform a business process re-engineering (B); or rely on external parties to cover potential losses without reducing the likelihood or impact of incidents (D).
Latest Cybersecurity Audit Certificate Dumps Valid Version with 75 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund