CISM—Certified Information Security Manager - Part 177

Mary Smith

Thu, 16 Apr 2026

1. Which of the following is MOST important to include in monthly information security reports to the board?

A) Trend analysis of security metrics
B) Threat intelligence
C) Root cause analysis of security incidents
D) Risk assessment results



2. The PRIMARY purpose of vulnerability assessments is to:

A) determine the impact of potential threats.
B) test intrusion detection systems (IDS) and response procedures.
C) provide clear evidence that the system is sufficiently secure.
D) detect deficiencies that could lead to a system compromise.



3. Which of the following could be detected by a network intrusion detection system (IDS)?

A) Undocumented open ports
B) Unauthorized file change
C) Internally generated attacks
D) Emailed virus attachments



4. The recovery point objective (RPO) is required in which of the following?

A) Information security plan
B) Incident response plan
C) Business continuity plan
D) Disaster recovery plan



5. Which of the following is MOST important for an information security manager to verify before conducting full-functional continuity testing?

A) Risk acceptance by the business has been documented.
B) Incident response and recovery plans are documented in simple language.
C) Teams and individuals responsible for recovery have been identified.
D) Copies of recovery and incident response plans are kept offsite.



1. Right Answer: A
Explanation:

2. Right Answer: D
Explanation:

3. Right Answer: A
Explanation:

4. Right Answer: C
Explanation:

5. Right Answer: C
Explanation:
