Which of the following BEST meets the needs of the board?

The Chief Information Officer (CIO) has been asked to develop a security dashboard with the relevant metrics. The board of directors will use the dashboard to monitor and track the overall security posture of the organization. The CIO produces a basic report containing both KPI and KRI data in two separate sections for the board to review.
Which of the following BEST meets the needs of the board?
A. KRI:
– Compliance with regulations
– Backlog of unresolved security investigations
– Severity of threats and vulnerabilities reported by sensors
– Time to patch critical issues on a monthly basis
KPI:
– Time to resolve open security items
– % of suppliers with approved security control frameworks
– EDR coverage across the fleet
– Threat landscape rating
B. KRI:
– EDR coverage across the fleet
– Backlog of unresolved security investigations
– Time to patch critical issues on a monthly basis
– Threat landscape rating
KPI:
– Time to resolve open security items
– Compliance with regulations
– % of suppliers with approved security control frameworks
– Severity of threats and vulnerabilities reported by sensors
C. KRI:
– EDR coverage across the fleet
– % of suppliers with approved security control framework
– Backlog of unresolved security investigations
– Threat landscape rating
KPI:
– Time to resolve open security items
– Compliance with regulations
– Time to patch critical issues on a monthly basis
– Severity of threats and vulnerabilities reported by sensors
D. KPI:
– Compliance with regulations
– % of suppliers with approved security control frameworks
– Severity of threats and vulnerabilities reported by sensors
– Threat landscape rating
KRI:
– Time to resolve open security items
– Backlog of unresolved security investigations
– EDR coverage across the fleet
– Time to patch critical issues on a monthly basis


2 thoughts on “Which of the following BEST meets the needs of the board?”

  1. C – More about NOT having enough time to “over-analyze” a question and the options than anything, I just picked what the closest was. I marked R next to what I thought was KRI and P next to Performance. I still had to “force one” to fit. KPI – what are WE doing about it?, KRI – what are the things that pose a threat to us?

    KRI:
    – EDR coverage across the fleet R
    – % of suppliers with approved security control framework R
    – Backlog of unresolved security investigations R – could also fit in KPI
    – Threat landscape rating R
    KPI:
    – Time to resolve open security items P
    – Compliance with regulations P
    – Time to patch critical issues on a monthly basis P
    – Severity of threats and vulnerabilities reported by sensors P – could also fit in Risk
