1. The PRIMARY reason an organization would require that users sign an acknowledgment of their system access responsibilities is to:
A) maintain an accurate record of users' access rights.
B) serve as evidence of security awareness training.
C) maintain compliance with industry best practices.
D) assign accountability for transactions made with the user's ID.
2. What would be the PRIMARY reason for an organization to conduct a simulated phishing attack on its employees as part of a social engineering assessment?
A) Measure the effectiveness of security awareness training.
B) Identify the need for mitigating security controls.
C) Measure the effectiveness of the anti-spam solution.
D) Test the effectiveness of the incident response plan.
3. Which of the following activities should take place FIRST when a security patch for Internet software is received from a vendor?
A) The patch should be validated using a hash algorithm.
B) The patch should be applied to critical systems.
C) The patch should be deployed quickly to systems that are vulnerable.
D) The patch should be evaluated in a testing environment.
4. An information security manager has researched several options for handling ongoing security concerns and will be presenting these solutions to business managers. Which of the following will BEST enable business managers to make an informed decision?
A) Business impact analysis
B) Cost-benefit analysis
C) Risk analysis
D) Gap analysis
5. Which of the following would BEST ensure that application security standards are in place?
A) Functional testing
B) Performing a code review
C) Publishing software coding standards
D) Penetration testing