FreeCram
  1. Home
  2. BCS
  3. BCS Foundation Certificate in Information Security Management Principles V9.0
  4. BCS.CISMP-V9.v2021-04-05.q35
  5. Question 10
<< Prev Question Next Question >>

Question 10/35

When considering outsourcing the processing of data, which two legal "duty of care" considerations SHOULD the original data owner make?
1 Third party is competent to process the data securely.
2. Observes the same high standards as data owner.
3. Processes the data wherever the data can be transferred.
4. Archive the data for long term third party's own usage.

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (35q)
Question 1: A security analyst has been asked to provide a triple A serv...
Question 2: In business continuity, what is a battle box?...
Question 3: You are undertaking a qualitative risk assessment of a likel...
Question 4: According to ISO/IEC 27000, which of the following is the de...
Question 5: Which of the following is MOST LIKELY to be described as a c...
Question 6: What Is the PRIMARY reason for organisations obtaining outso...
Question 7: What type of diagram used in application threat modeling inc...
Question 8: Once data has been created In a standard information lifecyc...
Question 9: Which of the following is NOT an accepted classification of ...
Question 10: When considering outsourcing the processing of data, which t...
Question 11: When establishing objectives for physical security environme...
Question 12: Which standards framework offers a set of IT Service Managem...
Question 13: What form of training SHOULD developers be undertaking to un...
Question 14: Which of the following describes a qualitative risk assessme...
Question 15: In order to better improve the security culture within an or...
Question 16: Why is it prudent for Third Parties to be contracted to meet...
Question 17: Which of the following types of organisation could be consid...
Question 18: Why should a loading bay NEVER be used as a staff entrance?...
Question 19: Which of the following testing methodologies TYPICALLY invol...
Question 20: What Is the KEY purpose of appending security classification...
Question 21: When an organisation decides to operate on the public cloud,...
Question 22: Which of the following cloud delivery models is NOT intrinsi...
Question 23: Why might the reporting of security incidents that involve p...
Question 24: What type of attack could directly affect the confidentialit...
Question 25: Which types of organisations are likely to be the target of ...
Question 26: Which of the following international standards deals with th...
Question 27: What types of web application vulnerabilities continue to be...
Question 28: Which of the following is NOT considered to be a form of com...
Question 29: In order to maintain the currency of risk countermeasures, h...
Question 30: Which term describes the acknowledgement and acceptance of o...
Question 31: In business continuity (BC) terms, what is the name of the i...
Question 32: Which three of the following characteristics form the AAA Tr...
Question 33: Which of the following acronyms covers the real-time analysi...
Question 34: Which of the following compliance legal requirements are cov...
Question 35: When seeking third party digital forensics services, what tw...