Topic 1: Exam Pool A
The PRIMARY goal of a post-incident review should be to:
A. determine how to improve the incident handling process
B. identify policy changes to prevent a recurrence
C. establish the cost of the incident to the business
D. determine why the incident occurred
Answer: determine how to improve the incident handling process

Threat and vulnerability assessments are important PRIMARILY because they are:
A. the basis for setting control objectives
B. used to establish security investments
C. needed to estimate risk.
D. elements of the organization's security posture
Answer: needed to estimate risk.

Which of the following is the MOST effective way to address an organization's security concerns during contract negotiations with a third party?
A. Communicate security policy with the third-party vendor.
B. Ensure security is involved in the procurement process
C. Conduct an information security audit on the third-party vendor
D. Review the third-party contract with the organization's legal department
Answer: Ensure security is involved in the procurement process

An organization wants to enable digital forensics for a business-critical application. Which of the following will BEST help to support this objective?
A. Enable activity logging.
B. Develop an incident response plan
C. Install biometric access control
D. Define data retention criteria.
Answer: Develop an incident response plan

The PRIMARY objective of a risk response strategy should be:
A. appropriate control selection.
B. senior management buy-in
C. regulatory compliance.
D. threat reduction
Answer: appropriate control selection.