Author: Anonymous

The incident response team (IRT) report that is ultimately generated for executive management must educate all stakeholders regarding exploited risks. Which of the following is least likely to be addressed in the report?

True or False? To reduce malware attacks, it can be useful to implement a content filtering standard.

True or False? A risk exposure is the impact to the organization when an event occurs.

True or False? Components, such as a database server, are defined during the business impact analysis (BIA) as well as their impact on the business.

True or False? LAN security policies focus on connectivity, such as defining how devices attach to the network.

True or False? The business impact analysis (BIA) contains the requirements for the business continuity plan (BCP) and the recovery time objective (RTO).

True or False? Whereas a guideline is a required control, a standard is a recommendation.

True or False? Organizations should retain information forever to satisfy the purposes of legal obligations and business operations.

True or False? Network access control (NAC) is an approach to mobile device management that allows devices to connect to only a guest network, not the corporate network.

All of the following are true of business continuity plans (BCPs) and BCP policies, except: