AllExam Dumps

DUMPS, FREE DUMPS, VCP5 DUMPS| VMWARE DUMPS, VCP DUMPS, VCP4 DUMPS, VCAP DUMPS, VCDX DUMPS, CISCO DUMPS, CCNA, CCNA DUMPS, CCNP DUMPS, CCIE DUMPS, ITIL, EXIN DUMPS,


READ Free Dumps For
Warning: Undefined variable $vendor in /home1/bandbozu/getfreedumps.com/quiz.php on line 141
-
Warning: Undefined variable $exam_number in /home1/bandbozu/getfreedumps.com/quiz.php on line 141





Question ID 16849

The PRIMARY objective of a security steering group is to:

Option A

ensure information security covers all business functions.

Option B

ensure information security aligns with business goals.

Option C

raise information security awareness across the organization.

Option D

implement all decisions on security management across the organization.

Correct Answer B
Explanation Explanation: The security steering group comprises senior management of key business functions and has the primary objective to align the security strategy with the business direction. Option A is incorrect because all business areas may not be required to be covered by information security; but, if they do, the main purpose of the steering committee would be alignment more so than coverage. While raising awareness is important, this goal would not be carried out by the committee itself. The steering committee may delegate part of the decision making to the information security manager; however, if it retains this authority, it is not the primary' goal.


Question ID 16850

An information security manager at a global organization has to ensure that the local
information security program will initially ensure compliance with the:

Option A

corporate data privacy policy.

Option B

data privacy policy where data are collected.

Option C

 data privacy policy of the headquarters' country.

Option D

data privacy directive applicable globally.

Correct Answer B
Explanation Explanation: As a subsidiary, the local entity will have to comply with the local law for data collected in the country. Senior management will be accountable for this legal compliance. The policy, being internal, cannot supersede the local law. Additionally, with local regulations differing from the country in which the organization is headquartered, it is improbable that a group wide policy will address all the local legal requirements. In case of data collected locally (and potentially transferred to a country with a different data privacy regulation), the local law applies, not the law applicable to the head office. The data privacy laws are country- specific.

Send email to admin@getfreedumps for new dumps request!!!