
CISM—Certified Information Security Manager - Part 176

Mary Smith

Thu, 16 Apr 2026

1. An information security steering group should:

A) provide general oversight and guidance.
B) develop information security policies.
C) establish information security baselines.
D) oversee the daily operations of the security program.

2. Which of the following should be the PRIMARY basis for an information security strategy?

A) The organization's vision and mission.
B) Information security policies.
C) Results of a comprehensive gap analysis.
D) Audit and regulatory requirements.

3. Which of the following is an example of a vulnerability?

A) Natural disasters
B) Defective software
C) Ransomware
D) Unauthorized users

4. What would be an information security manager's BEST recommendation upon learning that an existing contract with a third party does not clearly identify requirements for safeguarding the organization's critical data?

A) Create an addendum to the existing contract.
B) Cancel the outsourcing contract.
C) Transfer the risk to the provider.
D) Initiate an external audit of the provider's data center.

5. Which of the following is the MOST important reason to monitor information risk on a continuous basis?

A) The risk profile can change over time.
B) The effectiveness of controls can be verified.
C) The cost of controls can be minimized.
D) Risk assessment errors can be identified.

1. Right Answer: A
Explanation:

2. Right Answer: A
Explanation:

3. Right Answer: B
Explanation:

4. Right Answer: A
Explanation:

5. Right Answer: A
Explanation: