Multiple Choice
Which of the following is NOT one of the three types of performance measures used by organizations?
A) Those that determine the effectiveness of the execution of InfoSec policy
B) Those that determine the effectiveness and/or efficiency of the delivery of InfoSec services
C) Those that evaluate the compliance of non-security personnel in adhering to InfoSec policy
D) Those that assess the impact of an incident or other security event on the organization
Or its mission
Correct Answer:
Verified
Correct Answer:
Verified
Q13: Why it measurement prioritization and selection important?How
Q14: A practice related to benchmarking is _,which
Q15: Which of the following is the last
Q16: According to NIST SP 800-37,which of the
Q17: The data or the trends in data
Q19: InfoSec measurements collected from production statistics depend
Q20: Organizations must consider all but which of
Q21: <U>Standardization</U> is an an attempt to improve
Q22: Using a practice called baselining,you are able
Q23: Attaining certification in security management is a