Interested to Buy Any Domain ? << Click Here >> for more details...
When developing a risk management program, the FIRST
activity to be performed is a/an:
A. threats assessment.
B. classification of data.
C. inventory of assets.
D. criticality analysis.
- 1 Answers
- 14274 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Identification of the assets to be protected is the first
step in the development of a risk management program. A
listing of the threats that can affect the performance of
these assets and criticality analysis are later steps in the
process. Data classification is required for defining access
controls, and in criticality analysis.
| Is This Answer Correct ? | 8 Yes | 0 No |
The window of time recovery of information processing capabilities is based on the: A. criticality of the processes affected. B. quality of the data to be processed. C. nature of the disaster. D. applications that are mainframe based.
Which of the following is a form of an Internet attack? A. Searching for software design errors B. Guessing user passwords based on their personal information C. Breaking the deadman's door to gain entry D. Planting a trojan horse
To identify the value of inventory that has been kept for more than eight weeks, an IS auditor would MOST likely use: A. test data. B. statistical sampling. C. an integrated test facility. D. generalized audit software.
A LAN administrator normally would be restricted from: A. having end-user responsibilities. B. reporting to the end-user manager. C. having programming responsibilities. D. being responsible for LAN security administration.
Using test data as part of a comprehensive test of program controls in a continuous online manner is called a/an: A. test data/deck. B. base case system evaluation. C. integrated test facility (ITF). D. parallel simulation.
Electromagnetic emissions from a terminal represent an exposure because they: A. affect noise pollution. B. disrupt processor functions. C. produce dangerous levels of electric current. D. can be detected and displayed.
The MOST likely explanation for the use of applets in an Internet application is that: A. it is sent over the network from the server. B. the server does not run the program and the output is not sent over the network. C. they improve the performance of both the web server and network. D. it is a JAVA program downloaded through the web browser and executed by the web server of the client machine.
Which of the following risks would be increased by the installation of a database system? A. Programming errors B. Data entry errors C. Improper file access D. Loss of parity
In which of the following network configurations would problem resolution be the easiest? A. Bus B. Ring C.Star D. Mesh
Passwords should be: A. assigned by the security administrator. B. changed every 30 days at the discretion of the user. C. reused often to ensure the user does not forget the password. D. displayed on the screen so that the user can ensure that it has been entered properly.
An organization has contracted with a vendor for a turnkey solution for their electronic toll collection system (ETCS). The vendor has provided its proprietary application software as part of the solution. The contract should require that: A. a backup server be available to run ETCS operations with up-to-date data. B. a backup server be loaded with all the relevant software and data. C. the systems staff of the organization be trained to handle any event. D. source code of the ETCS application be placed in escrow.
An organization having a number of offices across a wide geographical area has developed a disaster recovery plan (DRP). Using actual resources, which of the following is the MOST cost-effective test of the DRP? A. Full operational test B. Preparedness test C. Paper test D. Regression test
Cisco Certifications 
