An organization has been notified of a breach related to its sensitive data. The point of compromise is the use of weak encryption algorithms on a web server that provides access to a legacy API. The organization had previously decided to accept the risk of using weak algorithms due to the cost to continually develop the legacy platform. Other system owners need to be aware of the increased likelihood of this threat. Which of the following should be reviewed by the CERT and presented to system owners to ensure a proper risk analysis is performed?
A. Lessons learned
B. Incident log
C. Risk register
D. Root-cause analysis
E. Gap analysis
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
