CISM—Certified Information Security Manager - Part 114

Mary Smith

Fri, 17 Apr 2026

1. Which of the following should be the PRIMARY consideration for an information security manager when designing security controls for a newly acquired business application?

A) Known vulnerabilities in the application
B) The IT security architecture framework
C) Cost-benefit analysis of current controls
D) Business processes supported by the application



2. Which of the following would provide the BEST justification for a new information security investment?

A) Results of a comprehensive threat analysis
B) Projected reduction in risk
C) Senior management involvement in project prioritization
D) Defined key performance indicators (KPIs)



3. Which of the following is the PRIMARY reason for executive management to be involved in establishing an enterprise's security management framework?

A) To determine the desired state of enterprise security
B) To establish the minimum level of controls needed
C) To satisfy auditors' recommendations for enterprise security
D) To ensure industry best practices for enterprise security are followed



4. The PRIMARY reason for establishing a data classification scheme is to identify:

A) data ownership.
B) data-retention strategy.
C) appropriate controls.
D) recovery priorities.



5. Which of the following needs to be established between an IT service provider and its clients to the BEST enable adequate continuity of service in preparation for an outage?

A) Data retention policies
B) Server maintenance plans
C) Recovery time objectives
D) Reciprocal site agreement



1. Right Answer: C
Explanation:

2. Right Answer: A
Explanation:

3. Right Answer: A
Explanation:

4. Right Answer: C
Explanation:

5. Right Answer: C
Explanation:
