CISM—Certified Information Security Manager - Part 151

Mary Smith

Thu, 16 Apr 2026

1. To address the issue that performance pressures on IT may conflict with information security controls, it is MOST important that:

A) noncompliance issues are reported to senior management
B) information security management understands business performance issues
C) the security policy is changed to accommodate IT performance pressure
D) senior management provides guidance and dispute resolution



2. When developing security standards, which of the following would be MOST appropriate to include?

A) Accountability for licenses
B) Acceptable use of IT assets
C) Operating system requirements
D) Inventory management



3. Which of the following would be MOST effective in the strategic alignment of security initiatives?

A) A security steering committee is set up within the IT department.
B) Key information security policies are updated on a regular basis.
C) Business leaders participate in information security decision making.
D) Policies are created with input from business unit managers.



4. Which of the following would be the MOST effective countermeasure against malicious programming that rounds down transaction amounts and transfers them to the perpetrator's account?

A) Ensure that proper controls exist for code review and release management
B) Set up an agent to run a virus-scanning program across platforms
C) Implement controls for continuous monitoring of middleware transactions
D) Apply the latest patch programs to the production operating systems



5. The BEST way to mitigate the risk associated with a social engineering attack is to:

A) deploy an effective intrusion detection system (IDS)
B) perform a user-knowledge gap assessment of information security practices
C) perform a business risk assessment of the email filtering system
D) implement multi-factor authentication on critical business systems



1. Right Answer: D
Explanation:

2. Right Answer: B
Explanation:

3. Right Answer: D
Explanation:

4. Right Answer: C
Explanation:

5. Right Answer: B
Explanation:
