1. Which of the following would be MOST helpful to the information security manager tasked with enforcing enhanced password standards?
A) Conducting password strength testing
B) Reeducating end users on creating strong complex passwords
C) Implementing a centralized identity management system
D) Implementing technical password controls to include strong complexity
2. Which of the following is the MOST practical control that an organization can implement to prevent unauthorized downloading of data to universal serial bus (USB) storage devices?
A) Two-factor authentication
B) Restrict drive usage
C) Strong encryption
D) Disciplinary action
3. Which of the following is the BEST method to determine whether an information security program meets an organization's business objectives?
A) Implement performance measures.
B) Review against international security standards.
C) Perform a business impact analysis (BIA).
D) Conduct an annual enterprise-wide security evaluation.
4. What is the BEST course of action when an information security manager finds an external service provider has not implemented adequate controls for safeguarding the organization's critical data?
A) Assess the impact of the control gap.
B) Initiate contract renegotiations.
C) Purchase additional insurance.
D) Conduct a controls audit of the provider.
5. A PRIMARY purpose of creating security policies is to:
A) implement management's governance strategy.
B) establish the way security tasks should be executed.
C) communicate management's security expectations.
D) define allowable security boundaries.