1. A CIO has asked the organization's information security manager to provide both one-year and five-year plans for the information security program. What is the PRIMARY purpose for the long-term plan?
A) To create formal requirements to meet projected security needs for the future
B) To create and document a consistent progression of security capabilities
C) To prioritize risks on a longer scale than the one-year plan
D) To facilitate the continuous improvement of the IT organization
2. Which of the following has the MOST direct impact on the usability of an organization's asset classification program?
A) The granularity of classifications in the hierarchy
B) The frequency of updates to the organization's risk register
C) The business objectives of the organization
D) The support of senior management for the classification scheme
3. Which of the following is the MOST important factor to ensure information security is meeting the organization's objectives?
A) Internal audit's involvement in the security process
B) Implementation of a control self-assessment process
C) Establishment of acceptable risk thresholds
D) Implementation of a security awareness program
4. An organization has an approved bring your own device (BYOD) program. Which of the following is the MOST effective method to enforce application control on personal devices?
A) Establish a mobile device acceptable use policy.
B) Implement a mobile device management solution.
C) Educate users regarding the use of approved applications.
D) Implement a web application firewall.
5. Which of the following is the MOST important consideration in a bring your own device (BYOD) program to protect company data in the event of a loss?
A) The ability to remotely locate devices
B) The ability to centrally manage devices
C) The ability to restrict unapproved applications
D) The ability to classify types of devices