CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISM—Certified Information Security Manager - Part 102
1. Which of the following is the MOST effective method of determining security priorities?
A) Impact analysis
B) Threat assessment
C) Vulnerability assessment
D) Gap analysis
2. When developing an incident response plan, the information security manager should:
A) include response scenarios that have been approved previously by business management.
B) determine recovery time objectives (RTOs).
C) allow IT to decide which systems can be removed from the infrastructure.
D) require IT to invoke the business continuity plan.
3. To implement a security framework, an information security manager must FIRST develop:
A) security standards.
B) security procedures.
C) a security policy.
D) security guidelines.
4. An organization is planning to open a new office in another country. Sensitive data will be routinely sent between two offices. What should be the information security manager's FIRST course of action?
A) Identify applicable regulatory requirements to establish security policies.
B) Update privacy policies to include the other country's laws and regulations.
C) Apply the current corporate security policies to the new office.
D) Encrypt the data for transfer to the head office based on security manager approval.
5. As part of an international expansion plan, an organization has acquired a company located in another jurisdiction. Which of the following would be the BEST way to maintain any effective information security program?
A) Ensure information security is included in any change control efforts
B) Merge the two information security programs to establish continuity
C) Determine new factors that could influence the information security strategy
D) Implement the current information security program in the acquired company
A) Impact analysis
B) Threat assessment
C) Vulnerability assessment
D) Gap analysis
2. When developing an incident response plan, the information security manager should:
A) include response scenarios that have been approved previously by business management.
B) determine recovery time objectives (RTOs).
C) allow IT to decide which systems can be removed from the infrastructure.
D) require IT to invoke the business continuity plan.
3. To implement a security framework, an information security manager must FIRST develop:
A) security standards.
B) security procedures.
C) a security policy.
D) security guidelines.
4. An organization is planning to open a new office in another country. Sensitive data will be routinely sent between two offices. What should be the information security manager's FIRST course of action?
A) Identify applicable regulatory requirements to establish security policies.
B) Update privacy policies to include the other country's laws and regulations.
C) Apply the current corporate security policies to the new office.
D) Encrypt the data for transfer to the head office based on security manager approval.
5. As part of an international expansion plan, an organization has acquired a company located in another jurisdiction. Which of the following would be the BEST way to maintain any effective information security program?
A) Ensure information security is included in any change control efforts
B) Merge the two information security programs to establish continuity
C) Determine new factors that could influence the information security strategy
D) Implement the current information security program in the acquired company
1. Right Answer: A
Explanation:
2. Right Answer: B
Explanation:
3. Right Answer: D
Explanation:
4. Right Answer: A
Explanation:
5. Right Answer: C
Explanation:
Explanation:
2. Right Answer: B
Explanation:
3. Right Answer: D
Explanation:
4. Right Answer: A
Explanation:
5. Right Answer: C
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment