
Page: 2 / 9
Total 125 questions

Certified Third-Party Risk Professional (CTPRP) Questions and Answers

Question 5

An IT asset management program should include all of the following components EXCEPT:

Options:

A. Maintaining inventories of systems, connections, and software applications

B. Defining application security standards for internally developed applications

C. Tracking and monitoring availability of vendor updates and any timelines for end of support

D. Identifying and tracking adherence to IT asset end-of-life policy

Question 6

Which of the following statements is FALSE about Data Loss Prevention Programs?

Options:

A. DLP programs include the policy, tool configuration requirements, and processes for the identification, blocking or monitoring of data

B. DLP programs define the consequences for non-compliance with policies

C. DLP programs define the required policies based on default tool configuration

D. DLP programs include acknowledgement that the company can apply controls to remove any data

Question 7

Which statement reflects a requirement that is NOT typically found in a formal Information Security Incident Management Program?

Options:

A. The program includes the definition of internal escalation processes

B. The program includes protocols for disclosure of information to external parties

C. The program includes mechanisms for notification to clients

D. The program includes processes in support of disaster recovery

Question 8

Which statement is NOT a method of securing web applications?

Options:

A. Ensure appropriate logging and review of access and events

B. Conduct periodic penetration tests

C. Adhere to web content accessibility guidelines

D. Include validation checks in SDLC for cross-site scripting and SQL injections
