What mechanisms are used to identify deficiencies that would provide attackers with an opportunity to compromise a computer system?

Posted by: Pdfprep Category: CISM Tags: , ,

What mechanisms are used to identify deficiencies that would provide attackers with an opportunity to compromise a computer system?
A . Business impact analyses
B . Security gap analyses
C . System performance metrics
D . Incident response processes

Answer: B

Explanation:

A security gap analysis is a process which measures all security controls in place against typically good business practice, and identifies related weaknesses. A business impact analysis is less suited to identify security deficiencies. System performance metrics may indicate security weaknesses, but that is not their primary purpose. Incident response processes exist for cases where security weaknesses are exploited.

Leave a Reply

Your email address will not be published.