Which of the following is the BEST reason to perform a business impact analysis (BIA)?

• A.To help determine the current state of risk
• B.To budget appropriately for needed controls
• C.To satisfy regulatory requirements
• D.To analyze the effect on the business

Comment: *

Name: *

Email: *

Verification: *

A good privacy statement should include:

• A.notification of liability on accuracy of information.
• B.notification that information will be encrypted.
• C.what the company will do with information it collects.
• D.a description of the information classification process.

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST enables an information security manager to communicate the capability of security program functions?

• A.Security architecture diagrams
• B.Security maturity assessments
• C.Vulnerability scan results
• D.Key risk indicators (KRIs)

Comment: *

Name: *

Email: *

Verification: *

Which of the following has the GREATEST impact on efforts to improve an organization's security posture?

• A.Regular reporting to senior management
• B.Supportive tone at the top regarding security
• C.Automation of security controls
• D.Well-documented security policies and procedures

Comment: *

Name: *

Email: *

Verification: *

When preparing a business case for the implementation of a security information and event management (SIEM) system, which of the following should be a PRIMARY driver in the feasibility study?

• A.Implementation timeframe
• B.Industry benchmarks
• C.Cost of software
• D.Cost-benefit analysis

Comment: *

Name: *

Email: *

Verification: *