Malware has recently affected an organization. The MOST effective way to resolve this situation and define a comprehensive risk treatment plan would be to perform:

• A.a vulnerability assessment.
• B.a root cause analysis.
• C.an impact assessment.
• D.a gap analysis.

Comment: *

Name: *

Email: *

Verification: *

What is the MAIN purpose of designing risk management programs?

• A.To reduce the risk to a level that the enterprise is willing to accept
• B.To reduce the risk to the point at which the benefit exceeds the expense
• C.To reduce the risk to a level that is too small to be measurable
• D.To reduce the risk to a rate of return that equals the current cost of capital

Comment: *

Name: *

Email: *

Verification: *

A change management process has recently been updated with new testing procedures. What is the NEXT course of action?

• A.Conduct a cost-benefit analysis to justify the cost of the control.
• B.Assess the maturity of the change management process.
• C.Communicate to those who test and promote changes.
• D.Monitor processes to ensure recent updates are being followed.

Comment: *

Name: *

Email: *

Verification: *

Which of the following are the security plans adopted by the organization?
Each correct answer represents a complete solution. (Choose three.)

• A.Business continuity plan
• B.Backup plan
• C.Disaster recovery plan
• D.Project management plan

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST way to mitigate the risk to IT infrastructure availability?

• A.Maintaining a risk register
• B.Establishing a disaster recovery plan (DRP)
• C.Maintaining a current list of staff contact delays
• D.Establishing recovery time objectives (RTOs)

Comment: *

Name: *

Email: *

Verification: *