CISM—Certified Information Security Manager - Part 154

Mary Smith

Thu, 16 Apr 2026

1. A multinational organization's information security manager has been advised that the city in which a contracted regional data center is located is experiencing civil unrest. The information security manager should FIRST:

A) delete the organization's sensitive data at the provider's location
B) engage another service provider at a safer location
C) verify the provider's ability to protect the organization's data
D) evaluate options to recover if the data center becomes unreachable



2. When defining responsibilities with a cloud computing vendor, which of the following should be regarded as a shared responsibility between user and provider?

A) Data ownership
B) Access log review
C) Application logging
D) Incident response



3. An organization is considering whether to allow employees to use personal computing devices for business purposes. To BEST facilitate senior management's decision, the information security manager should:

A) map the strategy to business objectives
B) perform a cost-benefit analysis
C) conduct a risk assessment
D) develop a business case



4. A business unit uses an e-commerce application with a strong password policy. Many customers complain that they cannot remember their passwords because they are too long and complex. The business unit states it is imperative to improve the customer experience. The information security manager should FIRST:

A) change the password policy to improve the customer experience
B) research alternative secure methods of identity verification
C) evaluate the impact of the customer's experience on business revenue
D) recommend implementing two-factor authentication



5. The PRIMARY reason for creating a business case when proposing an information security project is to:

A) establish the value of the project in relation to business objectives
B) establish the value of the project with regard to regulatory compliance
C) ensure relevant business parties are involved in the project
D) ensure comprehensive security controls are identified



1. Right Answer: C
Explanation:

2. Right Answer: A
Explanation:

3. Right Answer: C
Explanation:

4. Right Answer: B
Explanation:

5. Right Answer: A
Explanation:
