CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISM—Certified Information Security Manager - Part 101
1. Which of the following is the PRIMARY advantage of desk checking a business continuity plan (BCP)?
A) Assesses the availability and compatibility a backup hardware
B) Allows for greater participation be management and the IT department
C) Ensures that appropriate follow-up work is performed on noted issues
D) Provides a low-cost method of assessing the BCP's completeness
2. An organization faces severe fines and penalties if not in compliance with local regulatory requirements by an established deadline. Senior management has asked the information security manager to prepare an action plan to achieve compliance. Which of the following would provide the MOST useful information for planning purposes?
A) Results from a gap analysis
B) Results from a business impact analysis
C) Deadlines and penalties for noncompliance
D) An inventory of security controls currently in place
3. A newly hired information security manager reviewing an existing security investment plan is MOST likely to be concerned when the plan:
A) is based solely on a review of security threats and vulnerabilities in existing IT systems
B) identifies potential impacts that the implementation may have on business processes
C) focuses on compliance with common international security standards
D) has summarized IT costs for implementation rather than providing detail
4. When building a corporate-wide business continuity plan, it is discovered there are two separate lines of business systems that could be impacted by the same threat. Which of the following is the BEST method to determine the priority of system recovery in the event of a disaster?
A) Evaluating the cost associated with each system's outage
B) Reviewing the business plans of each department
C) Comparing the recovery point objectives
D) Reviewing each system's key performance indicators
5. Information security awareness programs are MOST effective when they are:
A) customized for each target audience.
B) sponsored by senior management.
C) reinforced by computer-based training.
D) conducted at employee orientation
A) Assesses the availability and compatibility a backup hardware
B) Allows for greater participation be management and the IT department
C) Ensures that appropriate follow-up work is performed on noted issues
D) Provides a low-cost method of assessing the BCP's completeness
2. An organization faces severe fines and penalties if not in compliance with local regulatory requirements by an established deadline. Senior management has asked the information security manager to prepare an action plan to achieve compliance. Which of the following would provide the MOST useful information for planning purposes?
A) Results from a gap analysis
B) Results from a business impact analysis
C) Deadlines and penalties for noncompliance
D) An inventory of security controls currently in place
3. A newly hired information security manager reviewing an existing security investment plan is MOST likely to be concerned when the plan:
A) is based solely on a review of security threats and vulnerabilities in existing IT systems
B) identifies potential impacts that the implementation may have on business processes
C) focuses on compliance with common international security standards
D) has summarized IT costs for implementation rather than providing detail
4. When building a corporate-wide business continuity plan, it is discovered there are two separate lines of business systems that could be impacted by the same threat. Which of the following is the BEST method to determine the priority of system recovery in the event of a disaster?
A) Evaluating the cost associated with each system's outage
B) Reviewing the business plans of each department
C) Comparing the recovery point objectives
D) Reviewing each system's key performance indicators
5. Information security awareness programs are MOST effective when they are:
A) customized for each target audience.
B) sponsored by senior management.
C) reinforced by computer-based training.
D) conducted at employee orientation
1. Right Answer: C
Explanation:
2. Right Answer: D
Explanation:
3. Right Answer: A
Explanation:
4. Right Answer: D
Explanation:
5. Right Answer: A
Explanation:
Explanation:
2. Right Answer: D
Explanation:
3. Right Answer: A
Explanation:
4. Right Answer: D
Explanation:
5. Right Answer: A
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment