CISM—Certified Information Security Manager - Part 180

Mary Smith

Thu, 16 Apr 2026

1. The PRIMARY disadvantage of using a cold-site recovery facility is that it is:

A) unavailable for testing during normal business hours.
B) only available if not being used by the primary tenant.
C) not possible to reserve test dates in advance.
D) not cost-effective for testing critical applications at the site.



2. Which of the following is the BEST way to demonstrate to senior management that organizational security practices comply with industry standards?

A) Results of an independent assessment
B) Up-to-date policy and procedures documentation
C) A report on the maturity of controls
D) Existence of an industry-accepted framework



3. The BEST way to report to the board on the effectiveness of the information security program is to present:

A) a dashboard illustrating key performance metrics.
B) peer-group industry benchmarks.
C) a summary of the most recent audit findings.
D) a report of cost savings from process improvements.



4. The BEST way to identify the criticality of systems to the business is through:

A) a threat assessment.
B) an asset classification.
C) a vulnerability assessment.
D) an impact assessment.



5. Senior management has expressed concern that the organization's intrusion prevention system may repeatedly disrupt business operations. Which of the following BEST indicates that the information security manager has tuned the system to address this concern?

A) Decreasing false positives
B) Decreasing false negatives
C) Increasing false positives
D) Increasing false negatives



1. Right Answer: A
Explanation:

2. Right Answer: A
Explanation:

3. Right Answer: A
Explanation:

4. Right Answer: B
Explanation:

5. Right Answer: A
Explanation:
