AllExam Dumps

DUMPS, FREE DUMPS, VCP5 DUMPS| VMWARE DUMPS, VCP DUMPS, VCP4 DUMPS, VCAP DUMPS, VCDX DUMPS, CISCO DUMPS, CCNA, CCNA DUMPS, CCNP DUMPS, CCIE DUMPS, ITIL, EXIN DUMPS,


READ Free Dumps For
Warning: Undefined variable $vendor in /home1/bandbozu/getfreedumps.com/quiz.php on line 141
-
Warning: Undefined variable $exam_number in /home1/bandbozu/getfreedumps.com/quiz.php on line 141





Question ID 16843

Security technologies should be selected PRIMARILY on the basis of their:

Option A

ability to mitigate business risks.

Option B

evaluations in trade publications.

Option C

 use of new and emerging technologies.

Option D

 benefits in comparison to their costs.

Correct Answer A
Explanation Explanation: The most fundamental evaluation criterion for the appropriate selection of any security technology is its ability to reduce or eliminate business risks. Investments in security technologies should be based on their overall value in relation to their cost; the value can be demonstrated in terms of risk mitigation. This should take precedence over whether they use new or exotic technologies or how they are evaluated in trade publications.


Question ID 16844

A business unit intends to deploy a new technology in a manner that places it in violation of
existing information security standards. What immediate action should an information
security manager take?

Option A

Enforce the existing security standard

Option B

Change the standard to permit the deployment

Option C

Perform a risk analysis to quantify the risk

Option D

 Perform research to propose use of a better technology

Correct Answer C
Explanation Explanation: Resolving conflicts of this type should be based on a sound risk analysis of the costs and benefits of allowing or disallowing an exception to the standard. A blanket decision should never be given without conducting such an analysis. Enforcing existing standards is a good practice; however, standards need to be continuously examined in light of new technologies and the risks they present. Standards should not be changed without an appropriate risk assessment.

Send email to admin@getfreedumps for new dumps request!!!