1. With limited resources in the information security department, which of the following is the BEST approach for managing security risk?
A) Implement technical solutions to automate security management activities. B) Prioritize security activities and report to management. C) Hire additional information security staff. D) Engage a third-party company to provide security support.
2. When an information security manager presents an information security program status report to senior management, the MAIN focus should be:
A) critical risk indicators. B) key controls evaluation. C) key performance indicators (KPIs). D) net present value (NPV).
3. Reviewing which of the following would provide the GREATEST input to the asset classification process?
A) Risk assessment B) Replacement cost of the asset C) Sensitivity of the data D) Compliance requirements
4. Which of the following should be an information security manager's MOST important concern to ensure admissibility of information security evidence from cyber crimes?
A) Chain of custody B) Tools used for evidence analysis C) Forensics contractors D) Efficiency of the forensics team
5. Which of the following information security metrics is the MOST difficult to quantify?
A) Cost of security incidents prevented B) Percentage of controls mapped to industry frameworks C) Extent of employee security awareness D) Proportion of control costs to asset value