Question

Which of the following provides the MOST comprehensive understanding of an organization’s information security posture? A....

Which of the following provides the MOST comprehensive understanding of an organization’s information security posture?

A. Risk management metrics
B. External audit findings
C. Results of vulnerability assessments
D. The organization’s security incident trends

Correct Answer: A ???? or D?????? or ...........

______________________

Note

■ Some good websites claim that the correct answer is A ("Risk management metrics").

■ Others good websites claim that the correct answer is D ("The organization’s security incident trends").

■ Why A and not D? Why D and not A?

Many thanks!

Engineering   Computer-Science   
0 0
Add a commentTranscribed image text
Next >

Homework Answers

Answer #1

Answer : A. Risk management metrics

Explanation :

  • Both Risk management metrics and The organisation’s security incident trends contains the data of previous occurred security incidents.
  • Risk management metrics is more comprehensive than The organisation’s security incident trends. Risk management metrics contains information like total number of risks that are identified and the number of risks which occurred. It also contains the frequency of risks, cost incurred for the risk and the status of the risk.
  • So, Risk management metrics is more comprehensive than The organisation’s security incident trends.
0 0
Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
An organization is considering the purchase of a competitor. To determine the competitor's security posture, the...
An organization is considering the purchase of a competitor. To determine the competitor's security posture, the BEST course of action for the organization's information security manager would be to: A. assess the security policy of the competitor. B. assess the key technical controls of the competitor. C. conduct a penetration test of the competitor. D. perform a security gap analysis on the competitor. Correct Answer: A???? or C????? or Others…. ______________________ Note ■ Some good websites claim that the correct...
A multinational organization wants to ensure its privacy program appropriately addresses privacy risk throughout its operations....
A multinational organization wants to ensure its privacy program appropriately addresses privacy risk throughout its operations. Which of the following would be of MOST concern to senior management? A. The organization uses a decentralized privacy governance structure. B. Privacy policies are only reviewed annually. C. The organization does not have a dedicated privacy officer. D. The privacy program does not include a formal training component. Correct Answer: A????   or   D???????? ______________________ Note ■ Some good websites claim that the correct...
Information classification is a fundamental step in determining: A. whether risk analysis objectives are met. B....
Information classification is a fundamental step in determining: A. whether risk analysis objectives are met. B. who has ownership of information. C. the type of metrics that should be captured. D. the security strategy that should be used. Correct Answer: B????? or D????????? ______________________ Note ■ Some experts claim that the correct answer is: "B. who has ownership of information." ■ Other experts claim that the correct answer is: "D. the security strategy that should be used." ■ What do...
5. Which of the following would not lead a manager to believe that an ethical concern...
5. Which of the following would not lead a manager to believe that an ethical concern exists? A. Have I done anything that coerced somebody to share this information? B. Is the contemplated technique for gathering information relevant? C. Have I done something to circumvent a system intended to secure or protect information? D. Have I misled anybody in order to gain access? 6. SWOT analysis is a framework for analyzing the internal and external environment of a company. It...
During the trial, lawyers for the accused said that the men believed that the accounting decisions...
During the trial, lawyers for the accused said that the men believed that the accounting decisions they made were appropriate at the time, and that the accounting treatment was approved by Nortel’s auditors from Deloitte & Touche. Judge Marrocco accepted these arguments. Marrocco added he was “not satisfied beyond a reasonable doubt” that the trio (i.e., Dunn, Beatty, and Gollogly) had “deliberately misrepresented” financial results. Given the facts of the case, do you believe Judge Marrocco’s decision was justified? Explain....
Using the model proposed by Lafley and Charan, analyze how Apigee was able to drive innovation....
Using the model proposed by Lafley and Charan, analyze how Apigee was able to drive innovation. case:    W17400 APIGEE: PEOPLE MANAGEMENT PRACTICES AND THE CHALLENGE OF GROWTH Ranjeet Nambudiri, S. Ramnarayan, and Catherine Xavier wrote this case solely to provide material for class discussion. The authors do not intend to illustrate either effective or ineffective handling of a managerial situation. The authors may have disguised certain names and other identifying information to protect confidentiality. This publication may not be...
What tools could AA leaders have used to increase their awareness of internal and external issues?...
What tools could AA leaders have used to increase their awareness of internal and external issues? ???ALASKA AIRLINES: NAVIGATING CHANGE In the autumn of 2007, Alaska Airlines executives adjourned at the end of a long and stressful day in the midst of a multi-day strategic planning session. Most headed outside to relax, unwind and enjoy a bonfire on the shore of Semiahmoo Spit, outside the meeting venue in Blaine, a seaport town in northwest Washington state. Meanwhile, several members of...
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT