PrepAway - Latest Free Exam Questions & Answers

What should the security manager do FIRST?

A project manager is developing a developer portal and requests that the security manager assign a public IP address so that it can be accessed by in-house staff and by external consultants outside the organization’s local are network (LAN).
What should the security manager do FIRST?

PrepAway - Latest Free Exam Questions & Answers

A.
Understand the business requirements of the developer portal

B.
Perform a vulnerability assessment of the developer portal

C.
Install an intrusion detection system (IDS)

D.
Obtain a signed nondisclosure agreement (NDA) from the external consultants before allowing external access to the server

Explanation:
The information security manager cannot make an informed decision about the request without first understanding the business requirements of the developer portal. Performing a vulnerability assessment of developer portal and installing an intrusion detection system (IDS) are best practices but are subsequent to understanding the requirements. Obtaining a signed nondisclosure agreement will not take care of the risks inherent in the organization’s application.

One Comment on “What should the security manager do FIRST?


Leave a Reply