
CISA—Certified Information Systems Auditor - Part 35

Mary Smith

Thu, 16 Apr 2026


1. An IS auditor determines that an online retailer processing credit card information does not have a data classification process. The auditor's NEXT step should be to:

A) recommend encryption of all sensitive data at rest
B) determine existing controls around sensitive data
C) recommend the implementation of data loss prevention (DLP) tools
D) inquire if there have been any data loss incidents



2. An IS auditor is reviewing an organization's network vulnerability scan results. Which of the following processes would the scan results MOST likely feed into?

A) Firewall maintenance
B) Patch management
C) Incident response
D) Traffic management



3. A core business unit relies on an effective legacy system that does not meet the current standards and threatens the enterprise network. Which of the following is the BEST course of action to address the situation?

A) Require the new systems that can meet the standards be implemented.
B) Document the deficiencies in the risk register.
C) Develop processes to compensate for the deficiencies.
D) Disconnect the legacy system from the rest of the network.



4. Which of the following would BEST enable effective decision-making?

A) Annualized loss estimates determined from past security events.
B) A universally applied list of generic threats, impacts, and vulnerabilities
C) Formalized acceptance of risk analysis by business management
D) A consistent process to analyze new and historical information risk



5. A critical server for a hospital has been encrypted by ransomware. The hospital is unable to function effectively without this server. Which of the following would MOST effectively allow the hospital to avoid paying the ransom?

A) A continual server replication process
B) A properly tested offline backup system
C) A properly configured firewall
D) Employee training on ransomware



1. Right Answer: B
Explanation:

2. Right Answer: A
Explanation:

3. Right Answer: C
Explanation:

4. Right Answer: D
Explanation:

5. Right Answer: A
Explanation:
