Which of the following is a process of identifying and documenting project roles, responsibilities, and reporting relationships?

A. Capacity planning

B. Enterprise resource planning

C. Business Continuity planning

D. Human resource planning

The disciplined and structured process that integrates information security and risk management activities into the System Development Life Cycle is provided by the risk management framework.

Choose the appropriate RMF steps.

A.

You work as a Network Administrator for uCertify Inc. The organization has constructed a cafeteria for its employees, and you are responsible for selecting the access control method for the cafeteria.

There are a few conditions for giving access to the employees, which are as follows:

1. Top-level management can get access at any time.

2. Staff members can get access during the specified hours.

3. Guests can get access only during working hours.

Which of the following access control methods is suitable to accomplish the task?

A. Discretionary access control

B. Lattice-based access control

C. Attribute-based access control

D. Rule-based access control

Which of the following states that a user should never be given more privileges than are required to carry out a task?

A. Principle of least privilege

B. Role-based security

C. Security through obscurity

D. Segregation of duties

You work as a Security Administrator for uCertify Inc. You find that a person is entering the working area, and you want to ensure the authenticity of that person. By which of the following factors can you determine the accuracy of the authentication?

Each correct answer represents a complete solution. Choose all that apply.

A. Two-factor authentication

B. Three-factor authentication

C. Many-factor authentication

D. One-factor authentication

Which of the following procedures is intended to reduce the risk to personnel, property, and other assets while minimizing work disruption in the event of an emergency?

A. Disaster Recovery Plan

B. Cyber Incident Response Plan

C. Occupant Emergency Plan

D. Crisis Communication Plan

Single Loss Expectancy (SLE) represents an organization's loss from a single threat. Which of the following formulas best describes the Single Loss Expectancy (SLE)?

A. SLE = Asset Value (AV) * Annualized Rate of Occurrence (ARO)

B. SLE = Annualized Loss Expectancy (ALE) * Exposure Factor (EF)

C. SLE = Asset Value (AV) * Exposure Factor (EF)

D. SLE = Annualized Loss Expectancy (ALE) * Annualized Rate of Occurrence

Which of the following sections come under the ISO/IEC 27002 standard?

Each correct answer represents a complete solution. Choose all that apply.

A. Asset management

B. Security policy

C. Financial assessment

D. Risk assessment

Which of the following indicates that the project team has decided not to change the project management plan to deal with a risk?

A. Risk transference

B. Risk acceptance

C. Risk avoidance

D. Risk mitigation

You work as an Information Security Manager for uCertify Inc. You need to create documentation on the information security management system (ISMS). Which of the following is the governing principle behind ISMS?

A. An organization should implement and maintain IDS to manage risks to the network.

B. An organization should design, implement, and maintain a coherent set of policies, processes, and systems to manage risks to its information assets.

C. An organization should design, implement, and maintain a coherent set of policies to ensure proper marketing of products.

D. An organization should apply encryption to its information assets.