
CISM—Certified Information Security Manager - Part 46

Mary Smith

Wed, 15 Apr 2026


1. Who would be in the BEST position to determine the recovery point objective (RPO) for business applications?

A) Business continuity coordinator
B) Chief operations officer (COO)
C) Information security manager
D) Internal audit



2. Which two components PRIMARILY must be assessed in an effective risk analysis?

A) Visibility and duration
B) Likelihood and impact
C) Probability and frequency
D) Financial impact and duration



3. Information security managers should use risk assessment techniques to:

A) justify selection of risk mitigation strategies.
B) maximize the return on investment (ROI).
C) provide documentation for auditors and regulators.
D) quantify risks that would otherwise be subjective.



4. In assessing risk, it is MOST essential to:

A) provide equal coverage for all asset types.
B) use benchmarking data from similar organizations.
C) consider both monetary value and likelihood of loss.
D) focus primarily on threats and recent business losses.



5. When the computer incident response team (CIRT) finds clear evidence that a hacker has penetrated the corporate network and modified customer information, an information security manager should FIRST notify:

A) the information security steering committee.
B) customers who may be impacted.
C) data owners who may be impacted.
D) regulatory agencies overseeing privacy.



1. Right Answer: B
Explanation: The recovery point objective (RPO) is the processing checkpoint to which systems are recovered. In addition to data owners, the chief operations officer (COO) is the most knowledgeable person to make this decision. It would be inappropriate for the information security manager or an internal audit to determine the RPO because they are not directly responsible for the data or the operation.

2. Right Answer: B
Explanation: The probability or likelihood of the event and the financial impact or magnitude of the event must be assessed first. Duration refers to the length of the event; it is important in order to assess impact but is secondary. Once the likelihood is determined, the frequency is also important to determine overall impact.

3. Right Answer: A
Explanation: Information security managers should use risk assessment techniques to justify and implement a risk mitigation strategy as efficiently as possible. None of the other choices accomplishes that task, although they are important components.

4. Right Answer: C
Explanation: A risk analysis should take into account the potential financial impact and likelihood of a loss. It should not weigh all potential losses evenly, nor should it focus primarily on recent losses or losses experienced by similar firms. Although this is important supplementary information, it does not reflect the organization's real situation. Geography and other factors come into play as well.

5. Right Answer: C
Explanation: The data owners should be notified first so they can take steps to determine the extent of the damage and coordinate a plan for corrective action with the computer incident response team. Other parties will be notified later as required by corporate policy and regulatory requirements.
