Friday, April 17, 2015

CISSP Exam Preparation (Question 292)

(292) Which one of the following is the MAIN goal of a security awareness program when addressing senior management?

A. Provide a vehicle for communicating security procedures.
B. Provide a clear understanding of potential risk and exposure.
C. Provide a forum for disclosing exposure and risk analysis.
D. Provide a forum to communicate user responsibilities.

Correct Answer: B

Explanation/Reference:

Explanation:
When the Security Officer is addressing Senior Management, the focus would not be on user
responsibilities, it would be on making sure the Senior Management have a clear understanding of the risk and potential liability is Not D: Item D would be correct in a situation where Senior Management is addressing organizational staff.

- Muhammad Idham Azhari

No comments: