Blog

All of the following are true of business continuity plans (BCPs) and BCP policies, except:

True or False? A stateful firewall watches the traffic for a given connection and inspects the packets containing the data, looking for patterns and sequences that do not make sense.

Risk management is a both a governance process and a model that seeks consistent improvement. A series of steps must be followed every time a new risk emerges. Which of the following is not one of these steps?

There must be security policies in place to set core standards and requirements when it comes to encrypted data. Which of the following is not one of these standards or requirements?

True or False? A risk assessment defines threats and vulnerabilities and determines control recommendations.

Which of the following types of control standards in the System/Application Domain maintains control of visitors as well as power equipment and cabling?

All of the following are commonly identified from a risk and control self-assessment (RCSA), except:

True or False? For the sake of protection during a lawsuit, it is advised that an organization create a retention policy that delineates how data is regularly classified, deleted, and retained.

True or False? The risk and control self-assessment (RCSA) is utilized to construct plans for risk management, which can include the location of where to implement the procedures for quality assurance and quality control.

In a business impact analysis (BIA), the phase of defining the business’s components and the component priorities has several objectives. Which of the following is not one of the objectives?