Multiple Choice
Organizations must consider all but which of the following during development and implementation of an InfoSec measurement program?
A) Measurements must yield quantifiable information
B) Data that supports the measures needs to be readily obtainable
C) Only repeatable InfoSec processes should be considered for measurement
D) Measurements must be useful for tracking non-compliance by internal personnel
Correct Answer:
Verified
Correct Answer:
Verified
Q15: Which of the following is the last
Q16: According to NIST SP 800-37,which of the
Q17: The data or the trends in data
Q18: Which of the following is NOT one
Q19: InfoSec measurements collected from production statistics depend
Q21: <U>Standardization</U> is an an attempt to improve
Q22: Using a practice called baselining,you are able
Q23: Attaining certification in security management is a
Q24: Recommended <U>practices</U> are those security efforts that
Q25: Compare and contrast accreditation and certification.