
CISM—Certified Information Security Manager - Part 174

Mary Smith

Thu, 16 Apr 2026


1. Which of the following is the BEST criterion to use when classifying assets?

A) The market value of the assets
B) Annual loss expectancy (ALE)
C) Value of the assets relative to the organization
D) Recovery time objective (RTO)



2. Which of the following is the MOST effective method to prevent SQL injection in an employee portal?

A) Reconfigure the database schema
B) Enforce referential integrity on the database
C) Conduct code reviews
D) Conduct network penetration testing



3. Which of the following is MOST important when conducting a forensic investigation?

A) Documenting analysis steps
B) Capturing full system images
C) Maintaining a chain of custody
D) Analyzing system memory



4. Which of the following would be the information security manager's BEST course of action to gain approval for investment in a technical control?

A) Perform a cost-benefit analysis.
B) Conduct a risk assessment.
C) Calculate the exposure factor.
D) Conduct a business impact analysis (BIA).



5. Which of the following is the BEST indication of information security strategy alignment with the business?

A) Number of business objectives directly supported by information security initiatives.
B) Percentage of corporate budget allocated to information security initiatives.
C) Number of business executives who have attended information security awareness sessions.
D) Percentage of information security incidents resolved within defined service level agreements.



1. Right Answer: C
Explanation: Assets are classified by their value to the organization, i.e. how critical and sensitive they are, because that is what determines the level of protection they need. Market value, annual loss expectancy and recovery time objective are inputs to risk analysis and continuity planning, not classification criteria.

2. Right Answer: C
Explanation: SQL injection is a coding defect: untrusted input is concatenated into a query so that it can change the statement's logic. Code reviews find those constructs and replace them with parameterized queries before the code ships. Changing the schema or enforcing referential integrity does not stop input from altering a query, and network penetration testing does not examine application code. (The page's original key listed B, which is incorrect.)
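The following is an added example, not part of the original question set, showing what the code review in question 2 is looking for and why the parameterized form defeats the attack. It uses an in-memory SQLite database with a constructed employee table; the function and table names are assumptions for illustration, and passwords are kept in clear text only to keep the example short (a real portal stores hashes). The last function is a small AST-based check of the kind a reviewer's lint rule would apply to the snippet under review.

```python
import ast
import sqlite3

# Constructed sample directory for an employee portal (not real data).
EMPLOYEES = [
    (1, "alice", "alice-pw", "HR"),
    (2, "bob", "bob-pw", "ENG"),
    (3, "carol", "carol-pw", "FIN"),
]


def make_db():
    """Create an in-memory SQLite database holding the sample employees."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE employees (id INTEGER PRIMARY KEY, username TEXT, "
        "password TEXT, dept TEXT)"
    )
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?, ?)", EMPLOYEES)
    return conn


def login_vulnerable(conn, username, password):
    """Builds the statement from user input: the defect a code review must flag."""
    sql = (
        f"SELECT username FROM employees "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    return [row[0] for row in conn.execute(sql)]


def login_safe(conn, username, password):
    """Same query with bound parameters: input is data and can never become SQL."""
    sql = "SELECT username FROM employees WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (username, password))]


# Constructed snippet standing in for code handed to a reviewer.
REVIEW_SAMPLE = '''
def lookup(conn, username, password):
    sql = f"SELECT * FROM employees WHERE username = '{username}' AND password = '{password}'"
    return conn.execute(sql).fetchall()

def lookup_fixed(conn, username, password):
    sql = "SELECT * FROM employees WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()

def by_dept(conn, dept):
    return conn.execute("SELECT * FROM employees WHERE dept = '" + dept + "'").fetchall()
'''


def _is_dynamic_sql(node):
    """True if the SQL expression is an f-string, '+' or '%' concatenation, or str.format()."""
    return (
        isinstance(node, ast.JoinedStr)
        or (isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Add, ast.Mod)))
        or (isinstance(node, ast.Call)
            and isinstance(node.func, ast.Attribute)
            and node.func.attr == "format")
    )


def find_unparameterized_queries(source):
    """Return the names of functions whose execute()/executemany() SQL is built dynamically.
    Heuristic: resolves `sql = f"..."; conn.execute(sql)` through simple assignments
    inside the same function; it does not follow values across functions."""
    findings = []
    for func in ast.walk(ast.parse(source)):
        if not isinstance(func, ast.FunctionDef):
            continue
        assigned = {}
        for node in ast.walk(func):
            if (isinstance(node, ast.Assign) and len(node.targets) == 1
                    and isinstance(node.targets[0], ast.Name)):
                assigned[node.targets[0].id] = node.value
        for node in ast.walk(func):
            if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
                continue
            if node.func.attr not in ("execute", "executemany") or not node.args:
                continue
            sql_arg = node.args[0]
            if isinstance(sql_arg, ast.Name):
                sql_arg = assigned.get(sql_arg.id, sql_arg)
            if _is_dynamic_sql(sql_arg) and func.name not in findings:
                findings.append(func.name)
    return findings


def demo():
    conn = make_db()
    tautology = "' OR '1'='1"   # closes the password literal and appends an always-true clause
    return {
        "legit_safe": login_safe(conn, "alice", "alice-pw"),
        "bypass_vulnerable": login_vulnerable(conn, "nobody", tautology),
        "bypass_safe": login_safe(conn, "nobody", tautology),
        "comment_vulnerable": login_vulnerable(conn, "bob'--", "wrong"),  # '--' drops the password check
        "comment_safe": login_safe(conn, "bob'--", "wrong"),
        "review_findings": find_unparameterized_queries(REVIEW_SAMPLE),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The tautology payload makes the vulnerable query return every employee, and the `bob'--` payload logs in as bob without a password; the parameterized version returns nothing for both because the quote characters are bound as literal data. The AST check flags `lookup` and `by_dept` and passes `lookup_fixed`, which is the triage a reviewer performs by hand on a larger code base.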

3. Right Answer: C
Explanation: Without a documented chain of custody showing who held the evidence, when, and what was done to it, the evidence can be challenged as altered and may be inadmissible, which makes the imaging, the memory analysis and the documented steps worthless. Those activities matter, but each of them depends on an unbroken custody record.
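As an added example (not from the original page) of what "maintaining a chain of custody" means in practice for question 3: the evidence is hashed at acquisition, every custodian who takes possession re-hashes it and records the handoff, and the record is verified for a continuous, hash-consistent history. The evidence bytes, custodian names and timestamps below are constructed for the example; the record layout is an assumption and not a standard format.

```python
import hashlib
from dataclasses import dataclass, field


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass
class CustodyEntry:
    timestamp: str      # ISO 8601 UTC, so plain string comparison preserves order
    action: str         # "acquired", "transferred" or "examined"
    custodian: str
    evidence_hash: str  # hash this custodian computed when taking possession


@dataclass
class EvidenceRecord:
    evidence_id: str
    description: str
    acquisition_hash: str
    entries: list = field(default_factory=list)


def acquire(evidence_id, description, data, custodian, timestamp):
    """Start the chain: hash the evidence at acquisition and record the first custodian."""
    h = sha256_hex(data)
    record = EvidenceRecord(evidence_id, description, h)
    record.entries.append(CustodyEntry(timestamp, "acquired", custodian, h))
    return record


def hand_over(record, data, custodian, timestamp, action="transferred"):
    """Record a handoff or examination. The receiving custodian re-hashes what they
    were given; returns False if it no longer matches the acquisition hash."""
    h = sha256_hex(data)
    record.entries.append(CustodyEntry(timestamp, action, custodian, h))
    return h == record.acquisition_hash


def verify_chain(record):
    """Return (ok, problems). The chain holds only if it starts with an acquisition,
    timestamps never go backwards, and every custodian observed the same hash."""
    problems = []
    if not record.entries or record.entries[0].action != "acquired":
        problems.append("chain does not start with an acquisition entry")
    for prev, cur in zip(record.entries, record.entries[1:]):
        if cur.timestamp < prev.timestamp:
            problems.append(f"{cur.timestamp}: entry is out of order after {prev.timestamp}")
    for e in record.entries:
        if e.evidence_hash != record.acquisition_hash:
            problems.append(
                f"{e.timestamp} {e.action} by {e.custodian}: hash {e.evidence_hash[:12]}... "
                f"differs from acquisition hash {record.acquisition_hash[:12]}..."
            )
    return (not problems, problems)


# Constructed evidence: a small byte string standing in for a disk image.
IMAGE = b"NTFS    " + bytes(range(256)) * 4


def demo_intact():
    """Image moves from examiner A to examiner B unchanged; the chain verifies."""
    rec = acquire("EV-001", "laptop disk image", IMAGE, "examiner A", "2026-04-16T09:00:00Z")
    ok_transfer = hand_over(rec, IMAGE, "examiner B", "2026-04-16T11:30:00Z")
    ok_exam = hand_over(rec, IMAGE, "examiner B", "2026-04-16T13:00:00Z", action="examined")
    ok, problems = verify_chain(rec)
    return ok_transfer and ok_exam and ok, problems


def demo_tampered():
    """One byte changes in transit; the receiving custodian's hash exposes it."""
    rec = acquire("EV-002", "laptop disk image", IMAGE, "examiner A", "2026-04-16T09:00:00Z")
    altered = IMAGE[:100] + b"\x00" + IMAGE[101:]
    ok_transfer = hand_over(rec, altered, "examiner B", "2026-04-16T11:30:00Z")
    ok, problems = verify_chain(rec)
    return ok_transfer, ok, problems


if __name__ == "__main__":
    print("intact:", demo_intact())
    print("tampered:", demo_tampered())
```

The point of re-hashing at every handoff rather than only at the end is that a mismatch is then attributable to a specific custodian and interval, which is exactly what the custody record has to establish when the evidence is challenged.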

4. Right Answer: A
Explanation: Management approves investment on the strength of a business case, and a cost-benefit analysis is what shows that the cost of the control is justified by the reduction in expected loss. A risk assessment, the exposure factor and a business impact analysis supply inputs to that analysis, but none of them on its own justifies the spending. (The page's original key listed D, which is incorrect.)

5. Right Answer: A
Explanation: Alignment is demonstrated when security initiatives can be traced directly to business objectives. Budget share, executive attendance at awareness sessions and incident resolution within service levels measure spending, awareness and operational performance, not whether the strategy serves the business.
