1. Which of the following would be MOST useful in a report to senior management for evaluating changes in the organization's information security risk position?
A) Risk register B) Trend analysis C) Industry benchmarks D) Management action plan
2. An information security manager is preparing a presentation to obtain support for a security initiative. Which of the following would be the BEST way to obtain management's commitment for the initiative?
A) Include historical data of reported incidents B) Provide the estimated return on investment C) Provide an analysis of current risk exposures D) Include industry benchmarking comparisons
3. Which of the following is the MOST significant security risk in IT asset management?
A) IT assets may be used by staff for private purposes B) Unregistered IT assets may not be supported C) Unregistered IT assets may not be included in security documentation D) Unregistered IT assets may not be configured properly
4. Which of the following is the MOST effective method of preventing deliberate internal security breaches?
A) Screening prospective employees B) Well-designed firewall system C) Well-designed intrusion detection system (IDS) D) Biometric security access control
5. A business previously accepted the risk associated with a zero-day vulnerability. The same vulnerability was recently exploited in a high-profile attack on another organization in the same industry. Which of the following should be the information security manager's FIRST course of action?
A) Reassess the risk in terms of likelihood and impact B) Develop best and worst case scenarios C) Report the breach of the other organization to senior management D) Evaluate the cost of remediating the vulnerability
1. Right Answer: A Explanation:
2. Right Answer: C Explanation:
3. Right Answer: A Explanation:
4. Right Answer: B Explanation: Reference: https://www.techrepublic.com/article/strategies-for-preventing-internal-security-breaches-in-a-growing-business/