
ISACA - CISM

 

Question ID 16810

When a security standard conflicts with a business objective, the situation should be resolved by:

Option A

changing the security standard.

Option B

changing the business objective.

Option C

performing a risk analysis.

Option D

authorizing a risk acceptance.

Correct Answer C
Description Explanation: Conflicts of this type should be resolved based on a risk analysis of the costs and benefits of allowing or disallowing an exception to the standard. It is highly improbable that a business objective could be changed to accommodate a security standard, while risk acceptance is a process that derives from the risk analysis.
Update Date and Time 2017-12-29 04:32:22

 

Question ID 16811

Minimum standards for securing the technical infrastructure should be defined in a security:

Option A

strategy.

Option B

guidelines.

Option C

model.

Option D

architecture.

Correct Answer D

Description Explanation: Minimum standards for securing the technical infrastructure should be defined in a security architecture document. This document defines how components are secured and the security services that should be in place. A strategy is a broad, high-level document. A guideline is advisory in nature, while a security model shows the relationships between components.
Update Date and Time 2017-12-29 04:35:34

 

 
