AllExam Dumps

DUMPS, FREE DUMPS, VCP5 DUMPS| VMWARE DUMPS, VCP DUMPS, VCP4 DUMPS, VCAP DUMPS, VCDX DUMPS, CISCO DUMPS, CCNA, CCNA DUMPS, CCNP DUMPS, CCIE DUMPS, ITIL, EXIN DUMPS,


READ Free Dumps For
Warning: Undefined variable $vendor in /home1/bandbozu/getfreedumps.com/quiz.php on line 141
-
Warning: Undefined variable $exam_number in /home1/bandbozu/getfreedumps.com/quiz.php on line 141





Question ID 16911

A risk assessment and business impact analysis (BIA) have been completed for a major
proposed purchase and new process for an organization. There is disagreement between
the information security manager and the business department manager who will own the
process regarding the results and the assigned risk. Which of the following would be the
BES T approach of the information security manager?

Option A

Acceptance of the business manager's decision on the risk to the corporation

Option B

Acceptance of the information security manager's decision on the risk to the corporation

Option C

 Review of the assessment with executive management for final input

Option D

A new risk assessment and BIA are needed to resolve the disagreement

Correct Answer C
Explanation Explanation: Executive management must be supportive of the process and fully understand and agree with the results since risk management decisions can often have a large financial impact and require major changes. Risk management means different things to different people, depending upon their role in the organization, so the input of executive management is important to the process.


Question ID 16912

The cost of implementing a security control should not exceed the:

Option A

annualized loss expectancy.

Option B

cost of an incident.

Option C

asset value.

Option D

implementation opportunity costs.

Correct Answer C
Explanation Explanation: The cost of implementing security controls should not exceed the worth of the asset. Annualized loss expectancy represents the losses drat are expected to happen during a single calendar year. A security mechanism may cost more than this amount (or the cost of a single incident) and still be considered cost effective. Opportunity costs relate to revenue lost by forgoing the acquisition of an item or the making of a business decision.

Send email to admin@getfreedumps for new dumps request!!!