Which of the following functions needed to implement the information security program evaluates patches used to close software vulnerabilities and acceptance testing of new systems to assure compliance with policy and effectiveness?
A) Systems testing
B) Risk assessment
C) Incident response
D) Systems security administration

Question

Quizplus · Accepted Answer

The function that evaluates patches and conducts acceptance testing is systems testing, which helps ensure that software vulnerabilities are promptly closed and that newly implemented systems comply with information security policies and are effective. Risk assessment is focused on identifying and analyzing threats and vulnerabilities to make informed decisions about the allocation of resources to mitigate risks. Incident response involves responding to and mitigating actual security incidents. Systems security administration involves the day-to-day management of security controls to ensure they are properly configured and functioning as intended.

Which of the Following Functions Needed to Implement the Information