AllExam Dumps

DUMPS, FREE DUMPS, VCP5 DUMPS| VMWARE DUMPS, VCP DUMPS, VCP4 DUMPS, VCAP DUMPS, VCDX DUMPS, CISCO DUMPS, CCNA, CCNA DUMPS, CCNP DUMPS, CCIE DUMPS, ITIL, EXIN DUMPS,


READ Free Dumps For
Warning: Undefined variable $vendor in /home1/bandbozu/getfreedumps.com/quiz.php on line 141
-
Warning: Undefined variable $exam_number in /home1/bandbozu/getfreedumps.com/quiz.php on line 141





Question ID 16899

The MOST basic requirement for an information security governance program is to:

Option A

be aligned with the corporate business strategy.

Option B

be based on a sound risk management approach.

Option C

provide adequate regulatory compliance.

Option D

provide best practices for security- initiatives.

Correct Answer A
Explanation Explanation: To receive senior management support, an information security program should be aligned with the corporate business strategy. Risk management is a requirement of an information security program which should take into consideration the business strategy. Security governance is much broader than just regulatory compliance. Best practice is an operational concern and does not have a direct impact on a governance program.


Question ID 16900

Acceptable levels of information security risk should be determined by:

Option A

legal counsel.

Option B

 security management.

Option C

external auditors.

Option D

die steering committee.

Correct Answer D
Explanation Explanation: Senior management, represented in the steering committee, has ultimate responsibility for determining what levels of risk the organization is willing to assume. Legal counsel, the external auditors and security management are not in a position to make such a decision.

Send email to admin@getfreedumps for new dumps request!!!