1. A large organization is considering a policy that would allow employees to bring their own smartphones into the organizational environment. The MOST important concern to the information security manager should be the:
A) higher costs in supporting end users
B) impact on network capacity
C) decrease in end user productivity
D) lack of a device management solution
2. Which of the following vulnerabilities presents the GREATEST risk of external hackers gaining access to the corporate network?
A) Internal hosts running unnecessary services
B) Inadequate logging
C) Excessive administrative rights to an internal database
D) Missing patches on a workstation
3. An information security manager has developed a strategy to address new information security risks resulting from recent changes in the business. Which of the following would be MOST important to include when presenting the strategy to senior management?
A) The costs associated with business process changes
B) Results of benchmarking against industry peers
C) The impact of organizational changes on the security risk profile
D) Security controls needed for risk mitigation
4. What is the BEST way to determine the level of risk associated with information assets processed by an IT application?
A) Evaluate the potential value of information for an attacker
B) Calculate the business value of the information assets
C) Review the cost of acquiring the information assets for the business
D) Research compliance requirements associated with the information
5. When the inherent risk of a business activity is lower than the acceptable risk level, the BEST course of action would be to:
A) monitor for business changes
B) review the residual risk level
C) report compliance to management
D) implement controls to mitigate the risk
1. Right Answer: D
Explanation: Reference https://www.isaca.org/Journal/archives/2013/Volume-4/Pages/Leveraging-and-Securing-the-Bring-Your-Own-Device-and-Technology-Approach.aspx