1. A payroll application system accepts individual user sign-on IDs and then connects to its database using a single application ID. The GREATEST weakness under this system architecture is that:
A) users can gain direct access to the application ID and circumvent data controls.
B) when multiple sessions with the same application ID collide, the database locks up.
C) the database becomes unavailable if the password of the application ID expires.
D) an incident involving unauthorized access to data cannot be tied to a specific user.
2. A new regulation has been announced that requires mandatory reporting of security incidents that affect personal client information. Which of the following should be the information security manager's FIRST course of action?
A) Review the current security policy.
B) Inform senior management of the new regulation.
C) Update the security incident management process.
D) Determine impact to the business.
3. An organization has decided to implement a security information and event management (SIEM) system. It is MOST important for the organization to consider:
A) industry best practices.
B) data ownership.
C) log sources.
D) threat assessments.
4. Which of the following change management procedures is MOST likely to cause concern to the information security manager?
A) Fallback processes are tested the weekend before changes are made.
B) The development manager migrates programs into production.
C) A manual rather than an automated process is used to compare program versions.
D) Users are not notified of scheduled system changes.
5. A multinational organization wants to monitor outbound traffic for data leakage from the use of unapproved cloud services. Which of the following should be the information security manager's GREATEST consideration when implementing this control?
A) Security of cloud services
B) Data privacy regulations
C) Resistance from business users
D) Allocation of monitoring resources