The likelihood of a malicious attacker exploiting one of the vulnerabilities is low; however, the director still has some reservations about approving the system because of which of the following?

Posted by: Pdfprep Category: CAS-001 Tags: , ,

A newly-appointed risk management director for the IT department at Company XYZ, a major pharmaceutical manufacturer, needs to conduct a risk analysis regarding a new system which the developers plan to bring on-line in three weeks. The director begins by reviewing the thorough and well-written report from the independent contractor who performed a security assessment of the system. The report details what seems to be a manageable volume of infrequently exploited security vulnerabilities.

The likelihood of a malicious attacker exploiting one of the vulnerabilities is low; however, the director still has some reservations about approving the system because of which of the following?
A . The resulting impact of even one attack being realized might cripple the company financially.
B . Government health care regulations for the pharmaceutical industry prevent the director from approving a system with vulnerabilities.
C . The director is new and is being rushed to approve a project before an adequate assessment has been performed.
D . The director should be uncomfortable accepting any security vulnerabilities and should find time to correct them before the system is deployed.

Answer: A

Leave a Reply

Your email address will not be published.