Topic 2 : Pool B Jul-Aug-Sep
Which of the following is the BEST way to determine whether new controls mitigate security gaps in a business system?
A. Complete an offsite business continuity exercise.
B. Conduct a compliance check against standards.
C. Perform a vulnerability assessment.
D. Measure the change in inherent risk.
Conduct a compliance check against standards.
The PRIMARY objective of testing the effectiveness of a new control before implementation is to:
A. ensure that risk is mitigated by the control.
B. measure efficiency of the control process.
C. confirm control alignment with business objectives.
D. comply with the organization's policy.
confirm control alignment with business objectives.
Which of the following is the FIRST step in managing the risk associated with the leakage of confidential data?
A. Maintain and review the classified data inventory.
B. Implement mandatory encryption on data
C. Conduct an awareness program for data owners and users.
D. Define and implement a data classification policy
Define and implement a data classification policy
When an organization's disaster recovery plan has a reciprocal agreement, which of the following risk treatment options is being applied?
A. Acceptance
B. Mitigation
C. Transfer
D. Avoidance
Mitigation
Whether the results of risk analyses should be presented in quantitative or qualitative terms should be based PRIMARILY on the:
A. requirements of management.
B. specific risk analysis framework being used.
C. organizational risk tolerance
D. results of the risk assessment
requirements of management.