1. An IS auditor finds that application servers had inconsistent configurations leading to potential security vulnerabilities. Which of the following should the auditor recommend FIRST?
A) Enforce server baseline standards. B) Improve change management processes using a workflow tool. C) Hold the application owner accountable for monitoring metrics. D) Use a single vendor for the application servers.
2. Implementing a strong password policy is part of an organization's information security strategy for the year. A business unit believes the strategy may adversely affect a client's adoption of a recently developed mobile application and has decided not to implement the policy. Which of the following would be the information security manager's BEST course of action?
A) Analyze the risk and impact of not implementing the policy B) Develop and implement a password policy for the mobile application C) Escalate non-implementation of the policy to senior management D) Benchmark with similar mobile applications to identify gaps
3. In a multinational organization, local security regulations should be implemented over global security policy because:
A) global security policies include unnecessary controls for local businesses B) business objectives are defined by local business unit managers C) requirements of local regulations take precedence D) deploying awareness of local regulations is more practical than of global policy
4. Which of the following is a step in establishing a security policy?
A) Developing platform-level security baselines. B) Developing configuration parameters for the network. C) Implementing a process for developing and maintaining the policy. D) Creating a RACI matrix.
5. A large number of exceptions to an organization's information security standards have been granted after senior management approved a bring your own device (BYOD) program. To address this situation, it is MOST important for the information security manager to:
A) introduce strong authentication on devices B) reject new exception requests C) require authorization to wipe lost devices D) update the information security policy