CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISM—Certified Information Security Manager - Part 152
1. When considering whether to adopt a new information security framework, an organization's information security manager should FIRST:
A) compare the framework with the current business strategy
B) perform a technical feasibility analysis
C) perform a financial viability study
D) analyze the framework's legal implications and business impact
2. A data-hosting organization's data center houses servers, applications, and data for a large number of geographically dispersed customers. Which of the following strategies would be the BEST approach for developing a physical access control policy for the organization?
A) Design single sign-on or federated access
B) Conduct a risk assessment to determine security risks and mitigating controls
C) Develop access control requirements for each system and application
D) Review customers' security policies
3. After detecting an advanced persistent threat (APT), which of the following should be the information security manager's FIRST step?
A) Notify management
B) Contain the threat
C) Remove the threat
D) Perform root-cause analysis
4. A new system has been developed that does not comply with password-aging rules. This noncompliance can BEST be identified through:
A) a business impact analysis
B) an internal audit assessment
C) an incident management process
D) a progressive series of warnings
5. Which of the following is the GREATEST security threat when an organization allows remote access to a virtual private network (VPN)?
A) Client logins are subject to replay attack
B) Compromised VPN clients could impact the network
C) Attackers could compromise the VPN gateway
D) VPN traffic could be sniffed and captured
A) compare the framework with the current business strategy
B) perform a technical feasibility analysis
C) perform a financial viability study
D) analyze the framework's legal implications and business impact
2. A data-hosting organization's data center houses servers, applications, and data for a large number of geographically dispersed customers. Which of the following strategies would be the BEST approach for developing a physical access control policy for the organization?
A) Design single sign-on or federated access
B) Conduct a risk assessment to determine security risks and mitigating controls
C) Develop access control requirements for each system and application
D) Review customers' security policies
3. After detecting an advanced persistent threat (APT), which of the following should be the information security manager's FIRST step?
A) Notify management
B) Contain the threat
C) Remove the threat
D) Perform root-cause analysis
4. A new system has been developed that does not comply with password-aging rules. This noncompliance can BEST be identified through:
A) a business impact analysis
B) an internal audit assessment
C) an incident management process
D) a progressive series of warnings
5. Which of the following is the GREATEST security threat when an organization allows remote access to a virtual private network (VPN)?
A) Client logins are subject to replay attack
B) Compromised VPN clients could impact the network
C) Attackers could compromise the VPN gateway
D) VPN traffic could be sniffed and captured
1. Right Answer: A
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: A
Explanation:
4. Right Answer: B
Explanation:
5. Right Answer: D
Explanation:
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: A
Explanation:
4. Right Answer: B
Explanation:
5. Right Answer: D
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment