CISM Exam Questions Resource - Metrics for Information Security Program
Q). Out of the following, which is the best metric to manage the information security program?
A. Number of systems subject to intrusion detection.
B. Amount of downtime caused by security incidents.
C. Number of recorded deviations from minimum information security requirements.
D. Time lag between detection, reporting and acting upon security incidents.
Answer:
The information security program is nothing but a standard set of security requirements for an organization. Thus, the most important security metric would be to monitor deviations from the minimum set of security requirements. The answer is thus "C".