- Home
- ISACA
- ISACA Cybersecurity Audit Certificate Exam
- ISACA.Cybersecurity-Audit-Certificate.v2023-12-26.q37
- Question 27
Valid Cybersecurity-Audit-Certificate Dumps shared by ExamDiscuss.com for Helping Passing Cybersecurity-Audit-Certificate Exam! ExamDiscuss.com now offer the newest Cybersecurity-Audit-Certificate exam dumps, the ExamDiscuss.com Cybersecurity-Audit-Certificate exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com Cybersecurity-Audit-Certificate dumps with Test Engine here:
Access Cybersecurity-Audit-Certificate Dumps Premium Version
(136 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 27/37
Which of the following would provide the BEST basis for allocating proportional protection activities when comprehensive classification is not feasible?
Correct Answer: C
Explanation
The BEST basis for allocating proportional protection activities when comprehensive classification is not feasible is a business dependency assessment. This is because a business dependency assessment helps to identify the criticality and sensitivity of business processes and their supporting assets, based on their contribution to the organization's objectives and value proposition. This allows for prioritizing protection activities according to the level of risk and impact. The other options are not as effective as a business dependency assessment, because they either use a single classification level allocation (A), which does not account for different levels of risk and impact; require a significant amount of time and resources to perform a business process re-engineering (B); or rely on external parties to cover potential losses without reducing the likelihood or impact of incidents (D).
The BEST basis for allocating proportional protection activities when comprehensive classification is not feasible is a business dependency assessment. This is because a business dependency assessment helps to identify the criticality and sensitivity of business processes and their supporting assets, based on their contribution to the organization's objectives and value proposition. This allows for prioritizing protection activities according to the level of risk and impact. The other options are not as effective as a business dependency assessment, because they either use a single classification level allocation (A), which does not account for different levels of risk and impact; require a significant amount of time and resources to perform a business process re-engineering (B); or rely on external parties to cover potential losses without reducing the likelihood or impact of incidents (D).
- Question List (37q)
- Question 1: Strong data loss prevention (DLP) solutions help protect inf...
- Question 2: Which of the following is a limitation of intrusion detectio...
- Question 3: The GREATEST advantage of using a common vulnerability scori...
- Question 4: The risk of an evil twin attack on mobile devices is PRIMARI...
- Question 5: Which of the following describes specific, mandatory control...
- Question 6: Which of the following BEST facilitates the development of m...
- Question 7: In public key cryptography, digital signatures are primarily...
- Question 8: Which of the following should an IS auditor do FIRST to ensu...
- Question 9: An IS auditor has learned that a cloud service provider has ...
- Question 10: Which of the following is a feature of a stateful inspection...
- Question 11: Which of the following is a feature of an intrusion detectio...
- Question 12: Using a data loss prevention (DLP) solution to monitor data ...
- Question 13: Which of the following is the GREATEST advantage of using a ...
- Question 14: Which of the following contains the essential elements of ef...
- Question 15: Security awareness training is MOST effective against which ...
- Question 16: Which intrusion detection system component is responsible fo...
- Question 17: Which of the following is an objective of public key infrast...
- Question 18: Which type of tools look for anomalies in user behavior?...
- Question 19: Which of the following are politically motivated hackers who...
- Question 20: Which of the following is the SLOWEST method of restoring da...
- Question 21: Which of the following is the BEST indication of mature thir...
- Question 22: What would be an IS auditor's BEST response to an IT manager...
- Question 23: Within the NIST core cybersecurity framework, which function...
- Question 24: When reviewing user management roles, which of the following...
- Question 25: Availability can be protected through the use of:...
- Question 26: The second line of defense in cybersecurity includes:...
- Question 27: Which of the following would provide the BEST basis for allo...
- Question 28: Which of the following BEST characterizes security mechanism...
- Question 29: Which of the following is the MOST cost-effective technique ...
- Question 30: Which of the following provides the GREATEST assurance that ...
- Question 31: What is the PRIMARY purpose of creating a security architect...
- Question 32: Which of the following is the BEST indication that an organi...
- Question 33: What is the FIRST phase of the ISACA framework for auditors ...
- Question 34: Which of the following is the BEST method of maintaining the...
- Question 35: Which of the following is EASIEST for a malicious attacker t...
- Question 36: One way to control the integrity of digital assets is throug...
- Question 37: Which of the following is the GREATEST risk pertaining to se...
[×]
Download PDF File
Enter your email address to download ISACA.Cybersecurity-Audit-Certificate.v2023-12-26.q37.pdf