- Email support@dumps4free.com
Topic 1: Governance (Policy, Legal & Compliance)
An organization's Information Security Policy is of MOST importance because
A.
it communicates management’s commitment to protecting information resources
B.
it is formally acknowledged by all employees and vendors
C.
it defines a process to meet compliance requirements
D.
it establishes a framework to protect confidential information
it communicates management’s commitment to protecting information resources
Which of the following should be determined while defining risk management strategies?
A.
Organizational objectives and risk tolerance
B.
Risk assessment criteria
C.
IT architecture complexity
D.
Enterprise disaster recovery plans
Organizational objectives and risk tolerance
A Security Operations Centre (SOC) manager is informed that a database containing highly sensitive corporate strategy information is under attack. Information has been stolen and the database server was disconnected. Who must be informed of this incident?
A.
Internal audit
B.
The data owner
C.
All executive staff
D.
Government regulators
The data owner
You have implemented a new security control. Which of the following risk strategy options have you engaged in?
A.
Risk Avoidance
B.
Risk Acceptance
C.
Risk Transfer
D.
Risk Mitigation
Risk Mitigation
Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?
A.
Threat
B.
Vulnerability
C.
Attack vector
D.
Exploitation
Vulnerability
| Page 9 out of 89 Pages |
| Previous |