Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
i honestly would pick none of the answers. Focus on most critical assets can't be the right answer, that would leave other assets vulnerable. Transferring risk to an insurance company? that might compensate some costs, but will NOT protect your company getting hit by a severe attack...and fines in case of regulations. My thoughts here are to harden the incident response process, implement a stronger process and tech, implement network segreration and strong IAM to limit the damage and potential lateral movement. Thats the theority everyone gets a victim of an attack..the difference is the severity and capability to stop bleeding..
We should be thinking quantitatively, we know that there is or will be a breach. Insurance is a must for us. However, we do not know which assets. Correct one is B
If there is a breach, the organization will prioritize the security efforts on high value assets. It is too late to have insurance and you may not have enough resource to put on all assets as well.
It is about assumption that we have already a breach, at this point we need to remediate the risk of Regulatory or compliance fines and paneities. Hence Answer B is correct.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Emporeo
3 weeks, 3 days agoab1523e
4 weeks agomusagul
2 months, 1 week ago7926e67
2 months, 3 weeks agoMalik2165
4 months, 4 weeks agoRC2073
7 months, 3 weeks agoarifbhatkar
9 months, 3 weeks agoPika26
1 year, 1 month agotnagy
1 year, 1 month ago