- (Topic 3)
The organization does not have the time to remediate the vulnerability; however it is critical to release the application. Which of the following needs to be further evaluated to help
mitigate the risks?
Correct Answer:
D
- (Topic 3)
You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll. Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff? (choose the best answer):
Correct Answer:
B
- (Topic 3)
Which of the following is the MOST important component of any change management process?
Correct Answer:
D
- (Topic 1)
What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?
Correct Answer:
D
- (Topic 5)
Human resource planning for security professionals in your organization is a:
Correct Answer:
C