Which of the following should be determined FIRST when establishing a business continuity program?

• A.Cost to rebuild information processing facilities
• B.Incremental daily cost of the unavailability of systems
• C.Location and cost of offsite recovery facilities
• D.Composition and mission of individual recovery teams

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY objective of a security steering group is to:

• A.ensure information security covers all business functions.
• B.ensure information security aligns with business goals.
• C.raise information security awareness across the organization.
• D.implement all decisions on security management across the organization.

Comment: *

Name: *

Email: *

Verification: *

When preparing a risk treatment plan, which of the following is the MOST important consideration when reviewing options for mitigating risk?

• A.Business impact analysis (BIA)
• B.Cost-benefit analysis
• C.Control identification
• D.User acceptance

Comment: *

Name: *

Email: *

Verification: *

Which of the following ensures that newly identified security weaknesses in an operating system are mitigated in a timely fashion?

• A.Patch management
• B.Change management
• C.Security baselines
• D.Acquisition management

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY purpose of aligning information security with corporate governance objectives is to:

• A.build capabilities to improve security processes
• B.re-align roles and responsibilities.
• C.identity an organization s tolerance for risk
• D.consistently manage significant areas of risk.

Comment: *

Name: *

Email: *

Verification: *